|
|
|
|
|
|
| ISP Resources |
| ISP-Lists ISP Glossary ISP News The List ISPCON Events Free Newsletters |
|
|
|
||
| internet.commerce | ||
|
Partner With Us |
Intrusion
Detection Systems:
Check Point Software Technologies
Check Point's new SmartDefense product provides ongoing
attack detection and prevention in conjunction with the company's other
security products.
[May 23, 2002] |
 |
Check Point Software Technologies is best known for its Firewall-1 product, first released in 1994. Raphael Reich, the company's Product Marketing Manager, recalls that Firewall-1 was revolutionary in its simplicity. "Check Point came out with the first shrink-wrapped product that security administrators could just purchase and use," he said. "From the start, it had a very intuitive user interface."
With a limited number of security experts available and with more and
more companies connecting to the Internet, ease of use was crucial—and the same factors remain in place today. "Our products are still the
easiest to use," Reich said. "We have lots of features and capabilities
that make managing both small and large environments very simple."
|
Check Point Software Technologies Three Lagoon Drive, Suite 400 Redwood City, CA 94065 Voice: (650) 628-2000 E-mail: info@checkpoint.com |
 |
Once Firewall-1 was released, adding VPN functionality was a logical next step as companies began using the Internet for remote access. "We leveraged our position as a firewall leader at that point and we introduced VPN capabilities into the product—a VPN gateway and VPN client software—and we've been quite successful in the VPN market as well," Reich said.
Check Point's Open Platform for Security (OPSEC) partner alliance, provides interoperability with other best of breed security products. "The premise is that Check Point creates great VPN and firewall products, but we can't create everything," Reich said. "We're good at what we do, but we don't try to go out and create every possible security product that one can imagine."
Last month, Check Point announced a new category of products called Active Defense, offering the ability to detect and respond to attacks in real time. "With security threats becoming increasingly complex and fast-moving, there's a need on the part of security administrators to respond to them in an easy manner and as quickly as possible," Reich said. SmartDefense, Check Point's first product in the Active Defense category, is currently in beta and will be available in Q3 2002. Pre-installed as a component in all Check Point security products, SmartDefense will both detect and stop attacks, logging forensic information and using online updates to respond to new attacks.
On the attack
Because SmartDefense works directly with Firewall-1 or VPN-1, Reich says,
it's able to provide a strong first line of defense from attacks and threats—separating it from most intrusion detection systems. "As a category,
intrusion detection products typically identify threats, but don't respond
to them," he said. "This is a single product that both identifies and
responds to attacks."
Still, Reich points out that SmartDefense's placement at the firewall means that it will still be crucial to deploy separate host and network IDS sensors for internal defense. "Intrusion detection systems are looking at a broader set of attacks, to some extent," he said. "You should still employ intrusion detection solutions inside your network."
The SmartDefense user interface provides centralized management for the product, as well as a detailed log of attacks. "The centralized control is important—you've got a single point from which to configure and defend against attacks," Reich said. "It detects and blocks attacks, then it captures information in a log file. It shows exactly what it's done to defend against the attack."
Central to the product—and to its fee structure—is a subscription service provided by Check Point which keeps SmartDefense updated with the latest attack information. "As new attacks emerge and we have solutions for how to defend against them, users can download that information dynamically and update the product," Reich said.
As a result, the SmartDefense user interface can not only give users detailed information on attacks, but can also provide hyperlinks to online resources with further information on each threat. "It gives you background on the attack, where to find more information, and how to configure your products to defend against it," Reich said.
Because SmartDefense will be pre-installed in all Check Point security products, there's no separate fee for the software itself, or for ongoing tech support. Instead, pricing for SmartDefense is tied to the subscription-based updates, starting at $1,000 per firewall or gateway per year. Bulk pricing is also available, at $10,000 for up to 100 gateways.
Variations on themes
Sweta Duseja, Check Point's Service Provider Marketing Manager, says SmartDefense
offers a wide range of choices for service providers in particular. "One
is an outright resale of the product: all of our service providers are
huge resellers of our product," she said. "They could just say, you've
already bought VPN-1 and you're managing it on your own: would you like
some proactive defense to go with that?"
"A second option would be to offer it to customers as part of a managed service," Duseja said. "Say, we're monitoring your firewall: would you like us to include, for five dollars more for example, the capability to protect you from anything suspicious in your traffic? A variation would be an outright inclusion of SmartDefense into your basic managed firewall or VPN services, applied across the entire customer base."
Anil Phull, Yankee Group senior analyst, sees SmartDefense as a great differentiator for Check Point's Firewall-1. "Firewalls today are sort of a commodity," Phull said. "Some are a little better performing in terms of the traffic they can handle, but they pretty much do the same things. This is a huge value add for the firewall, because it's taking on new attributes."
As a result, Phull suggests, Check Point should be able to position Firewall-1 against products it couldn't previously challenge. "They're going to be supplanting some boxes that are already out on the market, like Top Layer and Radware—or they'll go in direct competition with those guys," he said. "So this is definitely stirring up the pot."
While Phull doesn't see SmartDefense as radically different from other products currently available, he's impressed with the added functionality it offers to Firewall-1 users. "It's probably not a huge upset to the market, because other firewall vendors like WatchGuard have some sort of vulnerability assessment or notification service," he said. "It's nothing earth-shattering—but it is a smart move."
— End
Online Resources:
Intrusion
Detection Systems Directory
IDS
Quick Reference Chart
| Related articles: | ||
| [Dec. 24, 2001] | White Paper: Reducing Network Security Risk | |
| [Sept. 25, 2001] | Physical Security Augments Logical Security | |
| [July 11, 2001] | ISP-Planet Survey: MSSPs | |
|
|
|
| Best of ISP-Planet | ||
|---|---|---|
|
ISP-Planet
Guide
ISP-Planet's Principal Studies Directories:
Q2 2008 Top U.S. ISPs by Subscriber (Updated 08/29/2008)
ISP-Planet's Blogroll | ||
ISP-Planet's
RSS feed
