Check Point Automates Integrity Firewall

Integrity, Check Point's client and server end-point protection product, has been updated to version 6.0, and now includes an optional subscription service called Program Advisor that lets administrators automate most application policy decisions for granting or blocking network applications' access to the Internet.

"We wanted to reduce the amount of time administrators spent with Integrity," said Rich Weiss, the director of product marketing for Check Point. Rather than having to manually develop policies for applications, Program Advisor pings its database of some 85,000 applications and gives Integrity a go/no-go signal to either allow or block the application.

The service, which is hosted by Check Point, comes out a database developed for the Zone Alarm consumer brand, and currently handles about 100 million queries a week. "It gives an answer in more than 90 percent of the queries," Weiss said.

Program Advisor can be set to handle the allow/block request for new applications on the client or server, or if the administrator wants a hand in the process, will offer guidance, said Weiss.

Integrity 6.0 also now includes Check Point's Malicious Code Protector technology -- which has been deployed in Check Point's gateway products -- to stymie buffer overflow and other zero-day attacks, said Weiss, who touted the firewall's ease-of-use over rival intrusion prevention systems (IPS) such as those from Cisco and McAfee. "The reality is that they're incredibly hard to configure," claimed Weiss.

Integrity can also be scaled using the Integrity Advanced Server, which features clustering and load balancing functions, and the client software can be automatically deployed from a central repository by administrators.

The client software has added support for Red Hat Enterprise Linux WS 3.0 to existing versions for Windows 98SE, 2000 , NT 4.0 Workstation, XP Pro machines. Advanced Server, meanwhile, runs on Red Hat Enterprise Linux ES 3.0 and DB2, in addition to Windows 2000 Server and Advanced Server, Windows Server 2003, Oracle, and SQL Server.

Also on Monday, Check Point ventured into the security event management software fight with Eventia Analyzer. The software's being pitched to existing Check Point customers, said Jane Goh, product marketing manager, because it's tightly integrated with the Redwood City, Calif.-based company's existing gateway security devices.

A relatively new software category, security event managers (SEMs) like Eventia monitor heterogeneous networks composed of firewalls, routers, switches, and gateways, collect data, and present it in a single view to administrators so they can get a grasp of what's going on.

Other manufacturer's security devices are supported out of the box, but at the outset, the software will collect data only from Cisco, Juniper, and Internet Security Systems hardware. "Our intention is to start gathering the requirements for supporting other devices as soon as possible," said Goh.

Goh claimed that Check Point's SEM "can be deployed in hours," while rivals sometimes take months to tweak into shape.

Eventia Analyzer is available now at a starting price of $18,000, and scales up to the $100,000 range for high-end customers, said Goh.