Q&A: Check Point President On The Competition And Why You Shouldn't Call It A Network Security Vendor Anymore

Threat Prevention

Check Point Software Technologies has historically been lumped into the established - and competitive - field of network security. However, that should no longer be the case, President Amnon Bar-Lev (pictured) said in an interview with CRN, as the company transitions to a model focused on threat prevention. That transition is key, he said, as other legacy vendors are failing to successfully adapt their business models to the new security landscape, he said, citing Cisco, Juniper, Fortinet and Palo Alto Networks as examples. Bar-Lev went on to discuss the larger security industry trends that are making that shift more necessary than ever.

The following focuses on what he had to say about the market (including his competitors) and what partners can expect from Check Point in the coming months.

Tell us a little about yourself.

My background, I worked with the channel. Before I joined Check Point, I was the founder and CEO of a company called Integrated Systems. That was a security systems integrator that I grew from basically nothing to about 120 people … I know the channel quite well from the other side of the equation. I joined Check Point about 10 years ago … Before that, I was in the Israeli Air Force, nothing to do with IT, though it does have a lot to with security (though it's a different type of security space).

From your perspective, what was the biggest moment for Check Point this year?

I think we are in the middle of a massive transition. We grew up in the firewall space and the major transition is toward threat prevention…Threat prevention is massive technologies that are looking for known and unknown attacks based on intelligence. I would say in the last five years we've built out massive capabilities. In a way, it's quite a well-kept secret in the industry, but we are one of the biggest and major players in threat prevention. I would say that about 30 to 40 percent of what I'm selling today is threat prevention on top of my gateways. We're talking about $1.5 billion a year only from annuity services that are purely threat prevention. That's based on our massive research organization of about 200 people that is doing research and development only…We are taking threat prevention to different areas…[such as mobile, the Internet of Things and the cloud].

Check Point historically has been seen as a network security player. Does this transition change what category you fit into?

I'm looking at us as a threat-prevention player. I don't restrict myself to where I need to protect – I need to protect everywhere. The fact that you're protecting an environment and you do it in multiple locations and manage it from a single management is a huge value to customers. They don't need to have five point products … If I have threat intelligence and I can feed with the same threat intelligence across mobile and typical environments, that's a huge benefit for customers who want to build infrastructure at scale, both with number of devices but also kinds of devices.

Does that shift change who you are competing against in the market?

It does. There are other players out there that were not there before. I'm fighting against FireEye on zero-day (protection). On the mobility side, I see mostly small startups right now – it's just the beginning of it. I'm competing specifically with (Palo Alto Networks), but I wouldn't compare the technology there as it's a huge gap. With what we're doing with zero-day protection, which is what they do, we do it on zero-day, or we call it zero-second, and they do it in zero-hours. There is nothing to compare and you can see that in other areas where we look at catch rate and third-party analysts. We are definitely competing in places that we were not competing before.

There are lots of shots being fired back and forth in security recently (yourself included). How do you look at the competitive market and how you fit into it?

It's a really changing market. It's a very, very, very competitive market. I think we definitely have gaps, but most of the gaps are (in) marketing and delivering our message. We are going to fill those gaps … There is Cisco mostly growing by acquisition, but it doesn't stick together. There is Juniper that I think dropped the ball overall – they are losing market share in security definitely. With Fortinet, their aims are mostly in mid-market and below and not to get higher … There is Palo Alto Networks, which I think is very much focusing on the marketing machine. Check Point is focusing purely on giving the most advanced security we can and also breadth and depth of solution to serve an architecture, and not a point solution. There is a lot of competition and people displacing one another. Someone smart told me that if you are playing in a market with no competition, then I am playing in the wrong market. I think competition is healthy … It challenges me personally to make sure Check Point will continue to lead and I think we will benefit from that.

If the technology is so strong, is there a reason Check Point gets targeted as much by competitors as, say, Palo Alto?

When you do a transition, it takes much longer than you want before people accept it. It has multiple effects. It takes years to change perception. We're a firewall company, but we're selling hundreds of millions of dollars in something else. They seem to perceive us as such. The message is carried by marketing, it's carried by the team, it's carried by partners and by journalists and others. We are in the middle of a transformation. The good stuff is that we have the right technology and the great technology in the market today … We need to change the perception. We are well equipped to do this type of transition.

What does the transition mean for partners? How does it change who you are partnering with and investing in?

Most of the network security guys are very capable of selling threat prevention and we don't want to change the partners we have. My belief is that I want to enable partners to gain more business with customers. We don't have any restriction – any partner of Check Point can sell all of our portfolio. I think there are places where I see benefits of specific partners, such as mobility where MDM partners are very complementary … When those kind of great synergies happen, that's just a great way to add partners that are focusing on those areas. Besides that, our major focus is enabling my current partners to gain more business with their customers.

What does that enablement look like, practically?

It starts with education and training, and I think that's probably the most important one. People can only sell what they know. If they don't know and they don't understand, it's very problematic. Right now, we are in the middle of a lot of training to our partners. We are doing lead-generation activities together with partners … and we are doing marketing together. We are doing more and more there. We also incentivize them and do business promotions like secure margins, and things like that.

Where are you investing the most in the channel in 2016?

The most important part right now is investing in threat prevention and the cloud, zero-day and mobile. We want to gain more market share and that is usually by acquiring new customers to Check Point and investing in others. That is the key focus for us.

Are you doing a lot of partner recruitment?

We're mostly developing customers and partners that we are already working with … We are recruiting some but the major focus is on existing ones.

Is there an area where Check Point partners are winning the most over the competition?

It's varied per verticals and it's varied per geography. Partners are very different in the U.S. versus Europe versus Asia. One of our biggest major advantages besides the strong security that we bring to the market is also our management capability. Every customer appreciates strong management, which usually means they have more than one location and he wants to run multiple technologies. That's a huge benefit from Check Point and I believe the No. 1 place we win.

What trends are you seeing in the larger security market that stand out to you?

I'll tell you my philosophy over that. If you look at security development, I think it's very, very reactive … There is viruses, and the industry created anti-virus. There was intrusion, and then intrusion prevention. There is bots and people created anti-bot solutions. Our criticism is that the industry doesn't develop good enough security. That is because the trend in the industry is to be reactive to those threats, instead of finding different models and innovative ways to cope with this huge problem … I would really challenge the industry. I think there is a lot of marketing buzz on what people are doing, but when you go out and look at the technology, ask yourself, "Would that change the security landscape and really bring value to customers by allowing them to do stuff they want to do?" There is a huge gap in the security industry.

Any other interesting trends you're seeing?

What we're seeing happen in the IT environment, you'll see it's continuing to evolve quite fast. We're talking about cloud, mobility, the Internet of Things, the amount of connections and interactions happening is huge and will continue to grow. I would say one of the things that's unique to the IT environment now is that IT managers do not control them anymore, which is very good because it's allowed people to do more stuff. People are putting data in clouds, but it's not their cloud. They're putting stuff on mobile devices that (go) around the world and they don't know where it will go. Other stuff that is happening is what's happening in the threat landscape. We're seeing a shift towards zero-day attacks, and much more of this traditional technology is not working well (against it). I think there's a combination of fast-evolving IT environments, together with a massive move toward unknown threats, together with an industry that is really lagging behind. (There are) things that we need to change.

Do you think those changes will happen in 2016?

I'll speak on behalf of Check Point: We are in the middle of those changes already. With CPU-level emulation, mobile security, a very sophisticated intelligence platform called Threat Cloud, we are setting up for this challenge to confront it. We are changing many things about what we do to make sure we are not part of this very reactive environment. We have this thing called One Step Ahead: one step ahead of technology, one step ahead of malware, one step ahead of hackers, and even one step ahead of competition. We believe that is the only way. We have to challenge the industry and ourselves to make sure that we will provide better value to customers.