Features

A New Holistic Paradigm

DQI Bureau

08 Dec 2004 00:00 IST

New Update

The enterprise network environment is changing dramatically. Today, most
enterprises have many more users (both internal and external) accessing their
networks then they had in the past. Most of them are connected to several more
networks including the Internet and many of these networks are being accessed
remotely. Networks are expanding in one more sense-they are running myriad
applications that in turn drive many of the businesses that these enterprises
deal in. This growth and expansion of enterprise networks and increasing
reliance of business on them has given rise to new challenges of securing these
networks.

Advertisment

As the security environment worsens as a result of a complex set of threats
and vulnerabilities, network security must be dealt at different levels and in a
much more comprehensive manner than it is being done today. Moreover, there is a
growing need to look at the entire paraphernalia of internal security from a
fresh perspective. Addressing internal security challenges is not going to be
easy given the current network environment-there are thousands of systems to
be protected and hundreds of megabytes of traffic need to inspected and mediated
per second. The application environment too is changing fast with thousands of
new applications based on hundreds of new protocols coming up. Given all this,
security cannot be just about securing the perimeter with firewalls and IDS or
merely arming end user devices like PC or laptops with anti-virus solutions.

Security solution vendor Check Point Software Technologies realizes this
well. So keeping in mind the growing complexity of the networks, and the threats
and vulnerabilities they face, Check Point recently announced a new three
dimensional "Intelligent Security Strategy" that extends the concept
of security beyond the perimeter and takes care of internal and web security as
well. Besides, securing remote and mobile endpoints is another challenging area
that Check Point is addressing. Check Point, which has long been a confirmed
leader in the firewall solutions market globally, is now offering a family of
internal and web security solutions, and has already won accolades for its new
approach from customers and security analysts.

Opening the annual Check Point Experience, a conference of Asian partners and
users in Bangkok recently, Check Point chairman and CEO Gil Shwed argued
strongly in favour of moving beyond the perimeter with intelligent security in
view of the growing variety and complexity of challenges. Towards this end,
Shwed said Check Point would continue to expand its range of offerings working
on new solutions and concepts.

Advertisment

Check Point's New Testament
Perimeter Security Challenges Threats no longer focused on network layer, the application layer is the hackers' new playground. Attack protection solutions must protect network, services and applications, provide secure office connection, secure remote employee access, resilient network availability, and controllable Internet access	Internet Security Challenges Conventional security products are not ideal solutions to the internal security challenge. Internal security solutions must contain threats (like worms), compartmentalize the network, should not disturb legitimate traffic, protect the desk top, protect the server, secure the data center	Web Security Challenges 70% of new attacks target web-enabled applications and their number is growing. Web security solutions should provide secure web access, protect web servers and applications, must be easy to deploy, should provide integrated access control

Shwed, who founded Check Point Software in 1993, also said that the company
would continue to strengthen its partnerships with other vendors so that
customers always get best-of-breed solutions. Check Point's Open Platform for
Security (OPSEC) framework and alliance that works for integration and interoper—ability
with best-of-breed solutions, already has over 350 companies. These include
companies like Symantec, RSA Security, Computer Associates, McAfee, Trend Micro,
Crossbeam, Resilience besides Microsoft, IBM, Intel, 3Com, HP and Sun
Microsystems.

At the two-day conference (September 1-2, 2004) attended by top Check Point
executives and partners like Nokia, Crossbeam Systems and Resilience among
others, Internal and Web security were clearly identified as the two biggest
challenge areas. However, as enterprises are just now starting to define their
requirement for internal security, it is going to be a challenging task even for
a pioneer like Check Point when it comes to making enterprises see benefits in
implementing comprehensive internal security. For one, as the vendor's
director, marketing, Vinay Goel, points out, in an environment where many users
still consider anti-virus/firewalls the end of security, educating users still
remains the biggest challenge for any vendor.

Advertisment

Interview

Kelvin Lim, regional manager, South Asia, Check Point Software Technologies

How would you define the current positioning of Check Point in the security solutions market?

Check Point is the market leader in firewall/VPN solution with more than 80% share in the enterprise market in India. Our state-of-the-art technology provides secured access to ITC resources and ensures business continuity over the Internet.

Your current roadmap focuses on layered solutions for perimeter, internal and Web security. What do you think are the challenges ahead for you on this roadmap? As a security vendor, what do you think is the biggest challenge you face while dealing with your customers?

It is unwise to believe that there is a single solution/product that could provide security for perimeter, internal and web. Applications, threats and traffic are different between the Internet, the LAN and the Web-based application. Hence, users need to understand the different types of protocol, applications and the threats to them that can be found in Internet, LAN and Web-based applications. Users may tend to choose a security product before designing the security policy.

How mature are enterprises when it comes to understanding security? Do you think business managers understand security? Do you think niche security companies like Check Point are at a disadvantage compared to a networking vendor like Cisco, which offers both networking and security solutions?

Some users put a lot of effort in designing their network infrastructure, server capacity, etc, but very little time and effort in choosing a security solution-without knowing that a by-the-way security solution may compromise the efforts put in the selection and designing of the infrastructure and endanger the business continuity. The objective of implementing or installing a security solution is security-security that not only protects illegal access to the network but also provides against any threat that may capitalize on the vulnerability of a application or protocol.

How important is India in your current scheme of things?

India has and will always be an important market for Check Point. We will continue to work with our partners in India to provide the most secure solution to enable business continuity. By having a local presence, we will continue to build towards better service and support to the India market.

Urging that there was a need to redefine the perimeter "inward"
Mark Bouchard, senior program director, META Group, said that the current
internal/perimeter approach to security is based on flawed assumptions. "It
is wrong to assume that controls would be consistently effective or that threats
from internal sources are negligible," Endorsing Check Point's current
strategy, Bouchard said it is good that its solutions are addressing the new
emerging dimensions in security individually and holistically, along the major
dimensions.

Ravi Shekhar Pandey in
Bangkok

Advertisment