Security needs to be unified, simplified and proactive
IT security powerhouse Check Point is on a mission to make the management of security products unified and simplified, and nowhere has that message been more clear than at its annual conference in Barcelona, where some 1,100 attendees – and Help Net Security among them – had the opportunity to see and hear everything they wanted to know about the company.
Established eighteen years ago, the company has made history with its first product – simply named FireWall-1 – which was the first commercially available software firewall to use stateful inspection.
Because of this, they were – and are – known as “The Firewall Company”, but after it executed a number of acquisitions (ZoneLabs and the Nokia Security Appliances division – among others) that allowed it to offer software and hardware for data, network and endpoint security, and security management, its CEO hopes that people will come to know it as a company that offers security on many fronts.
Gil Shwed, Check Point’s co-founder and CEO, has put a lot on emphasis on the fact that the company’s approach to security is based on an effective and seamless integration of policy, people and enforcement. They call it 3D security, and they stress that users need to be engaged and educated on security policy enforcement.
As I was able to see, a lot of their solutions include education directly into the program, which usually takes the form of warnings popping up when users are about to do something that could endanger the enterprise – for example, send out confidential data to a private email.
It is not enough just to say to the user that he can’t do something, says Shwed. He argues that an explanation about why the alert has popped up is necessary, along with an elucidation of the implications of the attempted action, and an offered solution. “Users should be made to take ownership and responsibility for their actions,” he says.
It is not a foolproof method, to be sure, but he insist that it helps inform users who don’t yet know what they are expected to do or not to do and makes malicious ones think twice about proceeding. The system also logs all these actions and/or attempts, leaving a mark that may help solve questions in the future or allow the company to react in time and prevent further damage caused by the action.
“Security today is a collection of many different technologies, many point solutions bought from different vendors. But that is no longer enough,” he says. “Security is not just about technology, security should become a business process.”
And why are people at the center of this vision? For Shwed, the answer is obvious – “They are the ones who use the technology, and they are the ones that usually make mistakes that lead to insecurity.”
When talking about policy as the anchor of security, he insists that corporate policies must be simple, meaningful and usable. “And not too long. At Check Point, for example, every new user that joins the company must read some security material – which takes about half an hour – and before he can access the network, he must go through and answer correctly some 20 questions (online) in order to get access to the network,” he says.
When it comes to enforcement, he believes that Check Point is on the right track with its software blade architecture. IPS, DLP, mobile access, firewall, application control and more – all working within the same architecture, the same environment, managed from the same console.
He not only considers it more effective and easier to manage, but cheaper, too. Instead of 15-20 point solutions on its network, an enterprise can have five and add software blades as the need arises, paying for the additional capability less than for additional appliances that do only one thing.
Both Shwed and John Vecchi, Check Point’s head of global product marketing, point out that the time for proactive security has definitely come, and the 3D security vision that they begun implementing with the introduction of Check Point R75 network security suite in February is a way to change an enterprise’s approach to security, make it proactive.
Comparing the state of security today to a picket fence – a range of point products with gaping holes between them – Vecchi says that the biggest challenge today is managing the complexity of security. Instead of dealing with threats, enterprises are struggling to manage and coordinate the bevy of point products they have, and to solve that problem, security unification is crucial.
Having listened to a number of presentations of various Check Point technologies and solutions, I couldn’t help but be a little impressed with how the company practices what it preaches. Theory is all good and well, but when you are given examples of how those technologies work in an actual enterprise environment – Check Point’s enterprise environment – it’s easy to see where their confidence comes from.
Sharing some of the results of the latest NSS Labs tests of IPS and firewall solutions, Shwed proudly says that their firewall is the only one that passed the test, and that, for the first time, an integrated IPS solution proved to be more effective than a dedicated one – whether when out-of-the-box or fine-tuned. “It shows you that when we speak about security is not just words – it’s real.”