Check Point injects firewall with application intelligence

Check Point Software Technologies today (Tuesday) introduced its Next Generation (NG) software with Application Intelligence (AI) feature for its firewall products.

Despite its software-based firewall approach, Check Point is joining the ranks of hardware firewall suppliers with application-focused protection aspirations.

Integrated into its Check Point FireWall-1 NG and SmartDefense products, Application Intelligence helps administrators target and prevent application attacks by validating standards compliance, overseeing protocol usage, blocking malicious code and controlling unauthorised operations, said Greg Smith, director of product marketing at Check Point.

Features incorporated into Check Point NG with AI include worm pattern matching for Common Internet File System (CIFS), peer-to-peer support, fingerprint scrambling to block servers from hackers and cross-site scripting protection.

"Customers have come to rely on a firewall to protect the network. Now that the threat element has elevated to the application, firewalls need to step up," Smith said.

Designed primarily for network-level access control, firewall security policies often expose applications through Port 80 (HTTP) and Port 443 (SSL).

Without a mechanism to filter and make intelligent decisions on what to do with traffic, users are defenceless, said Scott Loach, senior information security engineer at Raymond James Financial. He says his financial services firm is running Check Point NG AI on six large, corporate firewall clusters distributed worldwide.

"Today’s attacks are coming in on well-known ports that everyone has open to the internet," Loach said. "[Threats] are not going to sneak in your back door. They’re going to come into something permitted."

Exacerbating the problem, analysts said, is that many customers are unwilling to invest in multiple-point products to combat these attacks.

The new management capabilities within Check Point NG AI will ease volumes of log data that have overrun IT administrators in the past, said Eric Ogren, senior analyst in security solutions and services at Yankee Group.

"Right now the concept is internal firewalls to protect the application environment. But when [VoIP] becomes more prevalent, securing that at the network perimeter is tricky," he said.

Check Point NG with AI will be available in June.
