Check Point Enhances Cloud Network Security with Nutanix AOS 7.3 Integration

Check Point Software Technologies, a global leader in cybersecurity solutions, has officially announced the successful integration of its Check Point CloudGuard Network Security with the latest updates from Nutanix AOS 7.3. This integration includes the advanced Flow Network Security, allowing for a seamless enhancement of network functionalities within Nutanix environments. This collaboration marks a significant milestone in empowering businesses with robust cloud security solutions amidst escalating cyber threats that leverage AI technologies.

As organizations navigate increasingly complex hybrid cloud environments, the imperative to strengthen security measures without escalating operational burdens has become pronounced. The recent integration with Nutanix provides innovative solutions to this pressing challenge, ensuring that enterprises can effectively safeguard their digital assets.

Key Features of the Integration

The Flow Network Security bolsters micro-segmentation capabilities through entity group policies, vNIC-specific policies, and global scope policies. Clients can benefit from Nutanix's native service insertion functionalities, which facilitates efficient, high-performance, and scalable network security through an integrated firewall chain feature that works seamlessly with CloudGuard Network Security.

This integration is a testament to the long-standing partnership between Check Point and Nutanix, further expanding the integration discussions spotlighted in a blog post published back in March of this year.

Understanding Nutanix Service Insertion

Service Insertion is a key innovation that allows customers to insert third-party virtual network services, such as Check Point CloudGuard Network Security, into their virtual machine data paths. It enables service chaining over Layer 3 (L3) networks, working cohesively with Flow Virtual Networking (FVN) to achieve heightened traffic visibility and advanced network protection.

New Features in Nutanix AOS 7.3

Nutanix AOS 7.3 introduces crucial enhancements aimed at automating virtual networks and bolstering security frameworks. These enhancements simplify the configuration and management of virtual networks for security architects.

1. Service Insertion: This feature enables seamless redirection of traffic to third-party firewalls, including Check Point CloudGuard Network Security, ensuring deep packet inspection (DPI) and policy enforcement.
2. Flow Virtual Networking Improvements: Enhancements to policy creation, visualization, and service chaining workflows make it easier to implement Zero Trust micro-segmentation and compliance controls.

Simplifying Zero Trust with CloudGuard Network Security

Through the capabilities offered by AOS 7.3 and service insertion, Check Point CloudGuard Network Security has established itself as a leading security solution within the Nutanix ecosystem. Traffic between virtual machines or tenant zones is automatically redirected for inspection and execution via CloudGuard Network Security without the need for manual VLAN or routing table configuration.

This automation paves the way for numerous benefits:

- Reinforcement of Zero Trust architecture
- Enhanced east-west micro-segmentation
- Multi-tenant security frameworks
- Compliance tracking and logging capabilities
- Inspection of east-west traffic within private clouds
- Preventive measures for both north-south traffic entering or exiting the Nutanix environment
- Implementation of multi-layered inspection via dynamic policy-based service chaining

Utilizing CloudGuard Network Security's Firewall Chain

Firewall chaining allows for a defined service chain that routes traffic through multiple inspection points, such as Check Point firewalls and IDS/IPS systems. This processing is dictated by dynamic policies rather than static routing configurations, enhancing flexibility in security operations.

Example Traffic Flow:
[Virtual Machine 1] → [CloudGuard Network Security NGFW] → [Traffic Analyzer] → [Virtual Machine 2]

Security engineers can define traffic policies to automatically route specific flows through the CloudGuard Network Security gateway, utilizing leading threat prevention, application control, IPS, antivirus, and anti-bot technologies. These capabilities are centrally managed via Check Point’s SmartConsole or Infinity Portal.

Advantages Offered to Customers through Nutanix and CloudGuard Integration

1. Enhanced Compliance: Implementing AI-powered traffic inspection through a Zero Trust approach when handling regulated data.
2. Rapid Deployment: The combination of Check Point’s software integration with Nutanix Cloud Manager (formerly CALM Blueprint) provides rapid deployment capabilities through standardized templates and flexible configurations.
3. Cost Reduction in Security Operations: By integrating with Nutanix Prism Central, CloudGuard Network Security can import information related to categories, tags, endpoint groups, and virtual machine IDs into its security management framework. This usage of Nutanix categories and tags enables the automatic adaptation of security policies to changes in the virtual infrastructure.

For instance, when a new Nutanix Store Server VM is deployed and added to the “Store_Servers” group, it automatically receives the associated security policy, ensuring continuous protection without manual intervention.

Diagram

Figure 1: Automatic protection upon the addition of new cloud objects into the Store_Servers group, leading to reduced manual intervention through CloudGuard's adaptive policy.

The Next Steps: Protecting All Networks with Check Point

Combining Nutanix’s SDN capabilities with CloudGuard Network Security provides critical control, visibility, and automation necessary for securely expanding cloud services, allowing enterprises to deploy services anywhere.
For further insights, explore the CloudGuard Network Security demo on Nutanix or check out the overview of our joint solutions.

This article is based on a blog post published on September 16, 2025, US time.

About Check Point

Check Point Software Technologies is a leading provider of digital trust solutions, safeguarding over 100,000 organizations worldwide through AI-powered cybersecurity solutions. The company’s Infinity Platform and open garden ecosystem deliver best-in-class security efficacy while significantly reducing risks. Its hybrid mesh network architecture at the core of the Infinity Platform integrates the management of on-premises, cloud, and workspace environments, providing enterprises and service providers flexibility, simplicity, and scalability. Check Point Software Technologies has a fully owned subsidiary in Japan, offering localized services since its establishment in 1997, located in Minato, Tokyo.

Follow Check Point on Social Media

Legal Disclaimer regarding Forward-Looking Statements

This press release contains forward-looking statements concerning future events or our expected future financial or operational performance. Such statements may include Check Point's anticipated future growth, expansion of industry leadership, shareholder value increase, and outlook for providing market-leading cybersecurity platforms to our global customers. However, they are inherently subject to risks and uncertainties that could cause actual results or events to materially differ from those projected. These risks include any changes to our capabilities to continue developing platform functionalities and solutions, the acceptance and purchasing of our existing and new solutions by customers, ongoing development of the IT security market, competitive pressures from other products and services, and effects from general market conditions, political or economic events, and acts of terror or war. For more information about the risks and uncertainties inherent in the forward-looking statements included in this press release, please refer to our annual report submitted to the US Securities and Exchange Commission on Form 20-F dated April 2, 2024. Check Point has no obligations to update the forward-looking statements contained in this press release except as required by law.