Check Point injects firewall with AI

Check Point Software Technologies announced today Check Point NG (Next Generation)  with AI (Application Intelligence), a new feature in its firewall products that melds security components into a single point of enforcement.

Despite its software-based firewall approach, Check Point is joining the ranks of hardware firewall vendors with application-focused protection aspirations. For example, Nortel has been active in VoIP (Voice over IP) protection; Cisco has acquired Okena Technologies to incorporate host-based protection; and NetScreen Technologies is aggressively pursuing improved protection measures.

Integrated into its Check Point FireWall-1 NG and Smart Defense offerings, AI helps administrators target and prevent application attacks by validating standards compliance, overseeing protocol usage, blocking malicious code, and controlling unauthorized operations, said Greg Smith, director of product marketing at Check Point in Redwood City, Calif.

Features incorporated into Check Point NG with AI include worm pattern matching for CIFS (Common Internet File System), peer-to-peer support, fingerprint scrambling to block servers from hackers, and cross-site scripting protection.

“Customers have come to rely on a firewall to protect the network. Now that the threat element has elevated to the application, firewalls need to step up,” Smith said.

Designed primarily for network-level access control, firewall security policies often expose applications through Port 80 (HTTP) and Port 443 (SSL). Without a mechanism to filter and make intelligent decisions on what to do with traffic, users are defenseless, said Scott Loach, senior information security engineer at Raymond James Financial in St. Petersburg, Fla. Loach says his Financial Services firm is running Check Point NG AI on about six large, corporate firewall clusters distributed worldwide.

“Today’s attacks are coming in on well-known ports that everyone has open to the Internet,” Loach said. “[Threats] are not going to sneak in your back door. They’re going to come into something permitted.” Exacerbating the problem, analysts said, is that many customers are unwilling to invest in multiple-point products to combat these attacks.

The new management capabilities within Check Point NG AI will ease volumes of log data that have overrun IT administrators in the past, according to Eric Ogren, senior analyst in Security Solutions and Services at Yankee Group in Boston. Ogren said customers will soon wake up to realize the dwindling perimeter is no place to protect emerging business applications.

“Right now the concept is internal firewalls to protect the application environment. But when [VoIP] becomes more prevalent, [securing] that at the network perimeter is tricky,” Ogren said. Check Point NG with AI will be available in June.