With an eye toward speeding Internet security functions, Check Point Software Technologies Ltd. is bringing out a new security architecture designed to boost VPN and firewall performance and has joined up with heavyweight partner companies, including Nokia Corp. and Compaq Computer Corp., to bring the software to market.
The Check Point Next Generation security software, announced last week, is the next major version of the company's security software. It consists of a modular design that allows intensive security functions, such as encryption and public key operations, to be offloaded to third-party hardware devices. Another element of the architecture, dubbed SecureXL, makes APIs available to partner companies for accelerating firewall, public key, and encryption.
The security architecture will be offered through partner companies who are building gigabit and multigigabit security appliances and chip-set offerings, said Jerry Ungerman, executive vice president at Check Point.
According to analyst Eric Hemmendinger, research director for information security at Aberdeen Group, integrating the security architecture in partner product offerings will help boost the software's horsepower. "The partners are a critical piece of this. There is some redesign of the Check Point software, but they aren't going to get 10 times [the performance] out of their software. They are leveraging partners for the added speed," Hemmendinger said.
One partner, Nokia, has implemented Check Point's security architecture in its IP530 security appliance.
Improving the speed of security offerings is becoming critical as businesses put more emphasis on security behind the firewall, according to Dan MacDonald, vice president of Nokia Internet Communications. "There is a huge business problem with the bottleneck from [security processes]," MacDonald said. "Enterprises are trying to match security throughput speed with their LAN speed. Security is not an edge-thing anymore."
Nokia this summer plans to introduce an enhanced security appliance that doubles the speed of the IP530, MacDonald said.
Compaq Computer said it plans to integrate the Check Point architecture into its ProLiant ML330 and DL320 server appliances. Other partners building security offerings with Check Point's architecture include chipmakers Broadcom and Intel and security appliance vendors Intrusion.com and RapidStream.
The need for increased performance for security offerings is growing because of expanding bandwidth and Internet traffic, according to Check Point's Ungerman. "The performance enhancements [in Check Point software] ensure that the security infrastructure will not be a bottleneck," he said.