Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Articles

The following article is from the September 1999 issue of Internet Week:

Integrated VPN Suite Includes Firewall

By Salvatore Salamone
Internet Week
September 10, 1999

One of the obstacles to virtual private network deployment has been that IT managers have had to buy an array of equipment and integrate it themselves.

What's been particularly frustrating is that virtually every function above and beyond basic connectivity required additional equipment and features.

Check Point Software Technologies, primarily known for its firewall products, thinks it has a better solution.

The company is trying to address several concerns of IT managers with a handful of enhancements to its combo VPN/Firewall product line, called VPN-1/Firewall-1.

One major enhancement with this release is the integration of bandwidth management functions, which had been available separately in the past, into VPN-1.

Such integration is increasingly desired by IT managers, who start with VPN pilots and find that when they move to wide-scale deployment, they would like some way to give the VPN traffic priority over other types of traffic.

"Many VPN products didn't offer bandwidth management out of the box," said Benjamin Anderson, vice president of IS at Windham Foods International. "And in many cases, the VPN vendor did not even have a bandwidth management tool. We had to use different vendors' products, each with different administration and management systems."

The integrated approach offered by Check Point, like that of a handful of other VPN equipment vendors, lets an IT manager use the same tool to configure VPN security and bandwidth management services.

Additional enhancements in the new release of VPN-1 include support for high availability. VPN-1 offers failover capabilities. With this capability, if one VPN gateway fails, an IT manager does not need to change IP addresses to get to a second gateway. Instead, the IT manager can configure a VPN client so that if in the event one gateway goes down, a session is established with a second gateway without any user intervention.

Industry experts believe failover features can help cut operational support costs. With most VPN implementations, a user's client software is configured to connect to a single VPN gateway.

"If that gateway fails and there is no secondary one that is automatically tried, the user is locked out," said Raymond Lopez, a consultant at Rosewall and Associates, a consulting firm that designs and installs remote access systems. "And that means a call to the help desk."

The new release of VPN-1 also supports Check Point's OpenPKI technology, which enables the system to support Digital Certificates from a dozen or so certificate authorities.

The VPN-1/Firewall-1 suite is available now. Pricing starts at $3,495.


Back to Articles & Reviews | FireWall-1 | Corporate Info & News