Features

A New Holistic Paradigm

DQI Bureau

08 Dec 2004 00:00 IST

New Update

The enterprise network environment is changing dramatically. Today, most

enterprises have many more users (both internal and external) accessing their

networks then they had in the past. Most of them are connected to several more

networks including the Internet and many of these networks are being accessed

remotely. Networks are expanding in one more sense-they are running myriad

applications that in turn drive many of the businesses that these enterprises

deal in. This growth and expansion of enterprise networks and increasing

reliance of business on them has given rise to new challenges of securing these

networks.

Advertisment

As the security environment worsens as a result of a complex set of threats

and vulnerabilities, network security must be dealt at different levels and in a

much more comprehensive manner than it is being done today. Moreover, there is a

growing need to look at the entire paraphernalia of internal security from a

fresh perspective. Addressing internal security challenges is not going to be

easy given the current network environment-there are thousands of systems to

be protected and hundreds of megabytes of traffic need to inspected and mediated

per second. The application environment too is changing fast with thousands of

new applications based on hundreds of new protocols coming up. Given all this,

security cannot be just about securing the perimeter with firewalls and IDS or

merely arming end user devices like PC or laptops with anti-virus solutions.

Security solution vendor Check Point Software Technologies realizes this

well. So keeping in mind the growing complexity of the networks, and the threats

and vulnerabilities they face, Check Point recently announced a new three

dimensional "Intelligent Security Strategy" that extends the concept

of security beyond the perimeter and takes care of internal and web security as

well. Besides, securing remote and mobile endpoints is another challenging area

that Check Point is addressing. Check Point, which has long been a confirmed

leader in the firewall solutions market globally, is now offering a family of

internal and web security solutions, and has already won accolades for its new

approach from customers and security analysts.

Opening the annual Check Point Experience, a conference of Asian partners and

users in Bangkok recently, Check Point chairman and CEO Gil Shwed argued

strongly in favour of moving beyond the perimeter with intelligent security in

view of the growing variety and complexity of challenges. Towards this end,

Shwed said Check Point would continue to expand its range of offerings working

on new solutions and concepts.

Advertisment

Check Point's New Testament
Perimeter Security Challenges Threats no longer focused on network layer, the application layer is the hackers' new playground. Attack protection solutions must protect network, services and applications, provide secure office connection, secure remote employee access, resilient network availability, and controllable Internet access	Internet Security Challenges Conventional security products are not ideal solutions to the internal security challenge. Internal security solutions must contain threats (like worms), compartmentalize the network, should not disturb legitimate traffic, protect the desk top, protect the server, secure the data center	Web Security Challenges 70% of new attacks target web-enabled applications and their number is growing. Web security solutions should provide secure web access, protect web servers and applications, must be easy to deploy, should provide integrated access control

Shwed, who founded Check Point Software in 1993, also said that the company

would continue to strengthen its partnerships with other vendors so that

customers always get best-of-breed solutions. Check Point's Open Platform for

Security (OPSEC) framework and alliance that works for integration and interoper—ability

with best-of-breed solutions, already has over 350 companies. These include

companies like Symantec, RSA Security, Computer Associates, McAfee, Trend Micro,

Crossbeam, Resilience besides Microsoft, IBM, Intel, 3Com, HP and Sun

Microsystems.

At the two-day conference (September 1-2, 2004) attended by top Check Point

executives and partners like Nokia, Crossbeam Systems and Resilience among

others, Internal and Web security were clearly identified as the two biggest

challenge areas. However, as enterprises are just now starting to define their

requirement for internal security, it is going to be a challenging task even for

a pioneer like Check Point when it comes to making enterprises see benefits in

implementing comprehensive internal security. For one, as the vendor's

director, marketing, Vinay Goel, points out, in an environment where many users

still consider anti-virus/firewalls the end of security, educating users still

remains the biggest challenge for any vendor.

Advertisment

Interview

Kelvin Lim, regional manager, South Asia, Check Point Software Technologies

How would you define the current positioning of Check Point in the security solutions market?

Check Point is the market leader in firewall/VPN solution with more than 80% share in the enterprise market in India. Our state-of-the-art technology provides secured access to ITC resources and ensures business continuity over the Internet.

Your current roadmap focuses on layered solutions for perimeter, internal and Web security. What do you think are the challenges ahead for you on this roadmap? As a security vendor, what do you think is the biggest challenge you face while dealing with your customers?

It is unwise to believe that there is a single solution/product that could provide security for perimeter, internal and web. Applications, threats and traffic are different between the Internet, the LAN and the Web-based application. Hence, users need to understand the different types of protocol, applications and the threats to them that can be found in Internet, LAN and Web-based applications. Users may tend to choose a security product before designing the security policy.

How mature are enterprises when it comes to understanding security? Do you think business managers understand security? Do you think niche security companies like Check Point are at a disadvantage compared to a networking vendor like Cisco, which offers both networking and security solutions?

Some users put a lot of effort in designing their network infrastructure, server capacity, etc, but very little time and effort in choosing a security solution-without knowing that a by-the-way security solution may compromise the efforts put in the selection and designing of the infrastructure and endanger the business continuity. The objective of implementing or installing a security solution is security-security that not only protects illegal access to the network but also provides against any threat that may capitalize on the vulnerability of a application or protocol.

How important is India in your current scheme of things?

India has and will always be an important market for Check Point. We will continue to work with our partners in India to provide the most secure solution to enable business continuity. By having a local presence, we will continue to build towards better service and support to the India market.

Urging that there was a need to redefine the perimeter "inward"

Mark Bouchard, senior program director, META Group, said that the current

internal/perimeter approach to security is based on flawed assumptions. "It

is wrong to assume that controls would be consistently effective or that threats

from internal sources are negligible," Endorsing Check Point's current

strategy, Bouchard said it is good that its solutions are addressing the new

emerging dimensions in security individually and holistically, along the major

dimensions.

Ravi Shekhar Pandey in

Bangkok

Advertisment