Check Point Unveils NGX

Tom Keating : VoIP & Gadgets Blog
Tom Keating
CTO
| VoIP & Gadgets blog - Latest news in VoIP & gadgets, wireless, mobile phones, reviews, & opinions

Check Point Unveils NGX


Check Point Software
and I held a conference call this past Friday where I learned more about their pending NGX announcement, which essentially is a unified security platform with a single administrative interface for all NGX-compatible Check Point products. According to Check Point's, Sharon Besser, Directory of Security Solutions, this is the first major version upgrade in Check Point's software in two years. This news was under NDA on Friday when I had the conference, so I couldn't blog about Check Point's major upgrade until Monday (today). It was a great conference call and I hope to highlight some of the key points. Since I may not cover them all (I'm still catching up on work from my 9 day vacation), I've included a recorded copy in MP3 format of the conference call so you can listen to Check Point's perspective on this major upgrade as well as hear some of my questions I posed to them.

Check Point began by giving an overview of what exactly NGX is and why it was needed. According to Jane Goh, Product Manager for Check Point Software, “This is both a platform for unified security architecture as well as a major version release. So what’s the big deal and why is it so major? We believe that with this release Checkpoint is changing the way the way enterprises deploy and manage information security.”

Jane explained that “Today security is based on disparate point products- best of breed solutions implemented which really don’t integrate with each other that often leads to inconsistent and ineffective policy management and lack of visibility of the entire security posture across the organization. And also really increasing their management overhead and complexity of management.”

She continued by stating,"with NGX we are going to be providing unified security not just at the technology level but also at the management level". In addition, Jane also mentioned that Check Point has enhanced their security event management with a new interface called Event Analyzer, which checks Checkpint devices and non-Check Point devices for analyzing and reporting various events.

According to Check Point Software, three key advantages of NGX include:
- SMART is the only unified security management architecture for perimeter, internal and web security
- Check Point secures more network and application types from more threats than any other solution (Tolly test report)
- Adaptive inspection technologies – Check Point is the only security vendor to provide integrated intrusion prevention capabilities in perimeter, internal and web security gateways.

Check Point also discussed their excellent VoIP support, which although not specific to the NGX platform (they've had excellent VoIP support for awhile), bears mentioning. For instance, they are "Skype aware" so they can detect Skype and either allow it or disallow it. This is huge for IT administrators due to the security implications of how Skype is able to penetrate through firewalls and even perform NAT to reach end user PCs. Some IT administrators may not wish to allow Skype and can easily block it using Check Point's solutions. Something useful for service providers is that they can set the Check Point firewall to "monitor mode" to determine the number of Skype users, which is a difficult task since Skype doesn't use a static port. Further, from a a more positive VoIP angle, Check Point Software supports the major VoIP protocols, including SIP and H.323. Unlike many competing solutions, Check Point Software doesn't just enable VoIP sessions, but it secures the VoIP sessions as well. They also have enhanced protocol support and NAT support for VoIP and interestingly claim to be the only vendor to provide VoIP Denial of Service prevention for major VoIP protocols.

Finally, 21 NGX-compatible Check Point products will be available on or before May 30, 2005 and it will be offered as free upgrade to Check Point customers with current Enterprise Software Subscription

There are some other interesting tidbits in the conference call, including a comparative analysis against Juniper and Cisco, so feel free to check out the call.

Here's the Check Point NGX release:

CHECK POINT UNVEILS UNIFIED SECURITY ARCHITECTURE WITH NEW NGX PLATFORM

Only Vendor Providing a Unified Security Platform, Helps Customers Architect A Secure Future

REDWOOD CITY, Calif., -- May 16, 2005 -- Check Point® Software Technologies Ltd. (NASDAQ: CHKP), the worldwide leader in securing the Internet, today unveiled its NGX™ platform, a unified security platform for its perimeter, internal and Web security solutions that enable enterprises of all sizes to reduce the cost and complexity of security and ensure that their security systems can be easily extended to adapt to new and evolving threats. The NGX platform changes the way customers think about their deployments by coupling deeper, broader and smarter Internet security with the unified security architecture. 

The NGX platform is a major upgrade to the core technology underlying the market-leading Check Point VPN, firewall and management solutions. It delivers new features and extended functionality to more than twenty Check Point products in addition to core technologies such as Application Intelligence™, SecureXL™ and the SMART™ management architecture. Some of the most notable enhancements with the NGX platform include:

  • Unified perimeter, internal and Web security management that reduces the cost of security management by allowing administrators to centrally define and manage perimeter, internal and Web security policies – all from a single console.
  • Expanded intelligent inspection technologies that secure more network and application types from more threats than any other solution to ensure the confidentiality of business data. It also includes enhanced capabilities for ensuring the confidentiality and availability of voice communications.
  • Advanced VPN capabilities such as dynamic routing, which allows enterprises to manage large and complex networks more efficiently with fewer resources.

 “Individual point products like firewalls can certainly help organizations protect themselves, but it is becoming more critical for enterprises to be able to easily manage and receive security information from a suite of security products. The average enterprise customer is plagued with too many devices to manage, a corporate security policy that is difficult to enforce and monitor, and an inability to comprehend or respond to threats in real-time,” said Chris Christiansen, Vice President of Security Products and Infrastructure at IDC. “An intelligent approach would be to fully integrate management into the core architecture – with the NGX platform, Check Point is on the right track to deliver this capability to enterprise customers.
Check Point NGX Platform Enables Unified Security Architecture
Check Point is the only vendor to deliver a unified platform, deployed across its entire product suite and in layers throughout the network to ensure that all enforcement points can be easily extended to adapt to new and evolving threats. The Check Point NGX platform is fundamentally different from competitive offerings that require major upgrades to point-product-based solutions that make security infrastructures complex and costly. In addition, Check Point’s unified security architecture provides customers with the following benefits:

  • Provides visibility into the entire information security environment with centralized monitoring capability of network and security events
  • Reduces administration overhead by allowing centralized management and monitoring of all security enforcement points
  • Ensures consistent security policies across the network and promotes regulatory compliance by more easily enforcing and auditing corporate security policy

The State of Maryland Effectively Manages Internet Security
The State of Maryland Department of Public Safety and Correctional Services

(DPSCS) Information Technology & Communication division has a distributed network that requires securing remote locations including city, county and state police offices throughout Maryland. 

As an NGX early availability access customer, Chief Network Officer, Victor B. Fooks of the State of Maryland DPSCS comments: “As a government organization, regulatory compliance is certainly a hot issue for my organization, and the enhanced reporting capabilities in the NGX platform enable us to fulfill our legal obligation to generate accurate network activity reports for security audits. Additionally, our VPN topology is about as complex as it gets, and the NGX platform greatly streamlines our security management process and provides the most in-depth security protection for all the latest protocols.” 

 Architecting a Secure Future

“Check Point is unique in delivering a unified security architecture that enables customers to future-proof their security deployment, defeat emerging threats and ensures the highest levels of security protection available,” said Gil Shwed, chairman and CEO of Check Point Software. “With the Check Point NGX platform, we are meeting and exceeding present and future Internet security needs -- Check Point is architecting a secure future by promising a sound security investment for our customers.”

 

Availability
 Check Point NGX will be available on or before May 30, 2005, and existing customers with a valid Check Point software subscription will be able to upgrade without an additional charge. For more information, please visit: http://www.checkpoint.com/ngx. 

About Check Point Software Technologies
Check Point Software Technologies Ltd. (www.checkpoint.com) is the worldwide leader in securing the Internet. It is the market leader in the worldwide enterprise firewall, personal firewall and VPN markets. Through its Next Generation product line, the company delivers a broad range of intelligent Perimeter, Internal and Web security solutions that protect business communications and resources for corporate networks and applications, remote employees, branch offices and partner extranets. The company's ZoneAlarm product line is one of the most trusted brands in Internet security, creating award-winning endpoint security solutions that protect millions of PCs from hackers, spyware and data theft. Extending the power of the Check Point solution is its Open Platform for Security (OPSEC), the industry's framework and alliance for integration and interoperability with "best-of-breed" solutions from over 350 leading companies. Check Point solutions are sold, integrated and serviced by a network of more than 2,200 Check Point partners in 88 countries



Featured Events