The Web    Google
Check Point Directing Security to Web Applications, End Points

Check Point Directing Security to Web Applications, End Points
May 5, 2004

Given the increasing level of attack from the Web environment, the protection of Web servers, Web applications, back-end systems and databases is becoming a higher priority for many companies. Gartner reports that 75% of cyber attacks and Internet security violations are generated through Internet applications.

Check Point Software is responding to the increased Web attacks with two add-ons to its existing products and one new product line.

Web Intelligence from Check Point, an enhancement to the VPN-1 firewall product, adds malicious code protection and enhanced streaming inspection to VPN-1's stateful inspection and application intelligence features.

The malicious code protection catches known attacks, buffer overflows and code-based attacks by disassembling and analyzing executable code embedded in network traffic. The attack is identified based on a simulation of its behavior, in a process Check Point is seeking to patent. Streaming inspection performance has been enhanced by executing process in the processor kernel, yielding application processing speeds of up to 1 Gbps.

Check Point Connectra, a new product, is a Web security gateway in a dedicated appliance format that provides an entry for SSL VPN connections into the company network.

Through a browser, the user sees a VPN portal listing applications and files with access permission. The product incorporates features of the Zone Labs end point security product Check Point recently acquired to scan clients for spyware, malicious code, keystroke loggers and Trojan horses. Access rights adjust based on the security of the end-user devices and the authentication level employed. Connectra also includes the capabilities of Web Intelligence.

"The SSL VPN gateway competitors are not addressing security adequately," says Mark Kraynak, manager of product marketing for Check Point. "The end point needs to be secured."

A third product, SSL Network Extender, is available as an add-on to VPN-1 and is included with Connectra. This product extends secure Internet access to legacy applications by tunneling via a Web plug-in, so that client software does not have to be installed and configured on the user's device. As an add-on to VPN-1, the product supports a mixed IPSec and SSL VPN environment.

Connectra, which is expected to be available in June, will start at $10,000. As an add-on to VPN-1, Connectra prices will start at $2,300. The SSL Network Extender is available free with Connectra.

Web Intelligence, due to be available in May, will be licensed per gateway based on the number of protected Web servers. The price for up to three servers is $5,000; for up to 10 servers, $10,000; and for unlimited servers, the price is $20,000.

  • 10/27: Famus-C Worm Sends Private Data
  • 9/22: Rbot-KJ Worm Has Backdoor
  • 2/11: Rbot-VT Worm Has Backdoor Ability
  • 7/30: Tompai-A Has Backdoor Functionality
  • Fighting to Keep Smut-Spam in a Brown Wrapper
  • 4/8: Mytob-AB Worm Comes as Attachment
  • 3/8: Kelvir-D an IM Worm
  • 11/8: IRC.Bifrut Trojan Lets Attacker In
  • Secure Messaging Vendor Offers Management Appliance
  • IM Threat Center Formed
  • 11/1: Bagle-BE Worm Opens TCP Port
  • Security Camera Companies and products