Check Point Software Technologies Ltd. is promising two products by mid-2004 intended to minimize the damage worms and viruses do if they manage to get inside corporate networks, and to make business use of the Web more secure.
Giving only a high-level account of its plans, the company says it will address internal security as well as Web security via both its current technology and new technology.
The Internal Security product line would enable network executives to segment their networks so the damage malicious activity does can be confined more easily. In addition, it would identify and block attacks. With ties to Check Point's management and reporting software, the new gear would be able to generate security audits to meet reporting requirements of government agencies that oversee certain industries, such as finance and healthcare.
Check Point says the new software could be added to a network without requiring reconfiguration of network devices. Internal Security will be based on Check Point's stateful inspection and application intelligence technologies, plus other, unspecified technologies the company has not used yet.
It will also incorporate SmartDefense, CheckPoint's attack-protection software that is packaged with its firewalls.
Check Point's upcoming Web Security product line would include an upgrade of its Web-based SSL remote access support, a feature it had addressed only nominally. The new product would provide unified authentication and authorization and enable users to sign on once to the Check Point device and access applications without having to sign on again to each application server.
The company's goal is to allow different levels of access and security based on where a person is connecting from and on what type of machine. For example, the new product could allow a certain level of access to a company-issued machine connecting via its browser's SSL capabilities and a lesser level of access for a computer not issued by the company. The new gear would also support Check Point's existing VPN client and a portal to give a unified look to all remote access methods.
The new Web product would protect Web servers from network-layer and application-layer attacks, Check Point says. The product would check whether desktop security is properly configured before allowing access.