Check Point this week will outline its strategy for the year, which includes new products and incorporating data security into its platforms.
A key component of the strategy is the technology Check Point acquired when it bought Pointsec, the Swedish company that makes software to encrypt data sitting on hard drives.
Check Point's plan is to secure devices, particularly mobile devices, so if they are stolen, the data stored on them is useless to the thief, says Gil Shwed, Check Point's Chairman and CEO. This would protect corporate intellectual property as well as prevent the potential loss theft of personal data as with the loss last May of a Department of Veterans Administration laptop.
"Basically we devised a strategy that has multiple elements," Shwed says. "Pointsec is only one of them, about basic security, and it is one of the most exciting ones because it has critical mass. It's something everybody needs."
When he was interviewed recently, Shwed would not detail the company's road map, but hinted at some of the new directions. "We did look at many other areas that are not as widely needed as data security or that were already part of our vision and we need to do more with them," he says. "Intrusion prevention fits into that area, but it's not an entirely new area."
In December, Check Point announced it would buy intrusion detection and prevention vendor NFR Security with plans to incorporate the technology with Check Point firewall, VPN and management gear.
The company plans to lay out its strategic plan for the year during briefings this week, and says it will have a new product announcement at the RSA conference next month.
Shwed says the strategy the company is announcing is the most important long-term plan it has set forth since it came up with its Check Point NGX road map three years ago. That effort resulted in expanding the company's offerings to include firewalls, SSL VPNs, intrusion prevention, and endpoint checking software. It also included management software so customers can oversee all these areas from a single console.
Another area the company plans to work on is network access control (NAC) where Shwed acknowledges the company has fallen short. "I'm not happy that we haven't solved this problem yet because I think we could have done a better job so far, we could have executed better at Check Point," he says.
The company's existing VPN gear as well as its intrusion prevention/segmentation appliances could act as enforcement points for NAC policies, he says. "The policy enforcement of NAC can be done on dedicated appliances but it can also be done through other means like the gateways we already have on the network for example," Shwed says. "We'll be very strong in policy enforcement, policy definition, and connecting the endpoints to the management framework."
Check Point already has its own version of NAC called total access protection (TAP), and partners with other NAC vendors including Cisco, and switch vendors including Enterasys Networks, Foundry Networks and Nortel are all part of Check Point's TAP program.