Check Point Unveils Security Architecture for Threat-Intelligence Sharing
Check Point Software Technologies today said it is extending its security architecture to be able to incorporate more threat-intelligence data that could be shared with other vendor partners, with the goal of providing more adaptive prevention.
Tue, February 25, 2014
Network World — San Francisco -- Check Point Software Technologies today said it is extending its security architecture to be able to incorporate more threat-intelligence data that could be shared with other vendor partners, with the goal of providing more adaptive prevention.
Calling this architecture "Software-Defined Protection," the concept is to integrate valuable threat information provided by other vendors through a set of APIs, which will be introduced later this year. The architecture is defined in a document Check Point is publishing today.
According to Gabi Reish, vice president of product development at Check Point, it envisions three main security layers for security enforcement, control and management. The goal is for Check Point to introduce a new type of management console by midyear that would integrate threat information from multiple sources for the purpose of applying preventive measures both through Check Point products, such as its firewalls, and participating vendors supporting the architecture.
+ ALSO ON NETWORK WORLD Hot, new products from RSA Conference +
Dorit Dor, vice president of products, said Check Point is beyond just the conceptual phase of the new "Software-Defined Protection" and is testing it out in a pilot mode with a few participants, such as iSIGHT Partners. The intent is to have a new management console for enforcement and control within six months.
The architecture is part of the security firm's effort to widen its scope far beyond its traditional firewall/IPS product lines which now handle many tasks, including sandbox anti-malware detection, for the enterprise. But Check Point faces the same questions as any other firewall vendor that primarily sells hardware appliances. The question is how to extend firewalling used in the enterprise network to the cloud in a world where mobile devices are increasingly important and enterprise data ends up stored in virtualized cloud environments, whether private clouds, software-as-a-service or infrastructure as a service.
Check Point is quietly working on establishing the equivalent of cloud-based firewalling services by setting up a new infrastructure for in about 20 data centers globally (the data centers aren't owned by Check Point). The goal is to allow the traditional firewall customer to establish policy for mobile device and cloud services, for example, that would be able to enforce policy such as data-loss prevention. Check Point already has a virtual firewall that can be deployed in cloud environments. But it remains to be seen how newer ideas around "Software-Defined Protection" and perhaps cloud firewall services will play out later this year.
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org
Read more about wide area network in Network World's Wide Area Network section.