Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Check Point Software Technologies Redefines Virtual Private Networking (VPN)

REDWOOD CITY, CALIF., – February 23, 1998 – Check Point Software Technologies Ltd. (Nasdaq: CHKPF), the worldwide leader in Virtual Private Networking (VPN) solutions, today redefined the VPN market with a comprehensive strategy that will enable secure, reliable, and manageable business communications over any IP network. Based on a combination of three key technology components, security, traffic control, and enterprise management, Check Point's strategy enables the practical implementation of VPNs for organizations of all sizes.

With today's announcement, Check Point is the only vendor to deliver a comprehensive VPN solution that integrates each of these critical technology components in a single package. As part of the announcement, the company unveiled its product roadmap, which includes the extension of its current market-leading VPN solutions to include Certificate Authorities/Public Key Infrastructure (CA/PKI) technology, 100Mbps hardware encryption acceleration, fully-integrated bandwidth management, directory services support for integrated user management, and new VPN software packages and price points that meet a variety of customer requirements and business sizes.

"When it comes to VPNs, ‘one size fits all' does not apply. Businesses typically implement a combination of intranet, remote access, and extranet VPNs, each with a unique set of security, traffic and enterprise management requirements," said Deborah Triant, president and CEO of Check Point Software Technologies, Inc. "Since these VPNs represent only one component in an overall security policy, the challenge is to provide a comprehensive solution that integrates a company's VPNs into its overall security framework. Until today, no vendor has delivered such a solution."

Check Point's VPN Product Roadmap

Through the three critical technology components of security, traffic control and enterprise management, Check Point's new definition of VPN guarantees the (1) security of network connections; (2) authenticity of users; (3) privacy and integrity of data communications; (4) reliability and performance; and (5) manageability of the total enterprise virtual network. Over the course of the coming year, Check Point will enhance the functionality already offered in its products to enable the practical implementation of VPNs and allow corporations to conduct secure, worldwide inter- and intra-company business communications.

Security

Three key technologies comprise the security component of VPNs: access control to guarantee the security of network connections; authentication to verify the identity of network users and data; and encryption to protect the privacy of data. While most VPNs only address authentication and encryption, a VPN without access control is only protecting the privacy of the data as it travels across the transport mechanism. Access control protects not only the data in transmission, but also the corporation's entire wealth of intellectual property and information, ensuring that users have full access to the applications and information they require, but nothing more. Access control is typically provided by a firewall.

Today, Check Point's VPN solution, based on its market-leading Check Point™ FireWall-1™ enterprise security product suite, includes:

  • Access control with FireWall-1;
  • User and data authentication through RADIUS and numerous strong, two-factor authentication schemes;
  • Support for multiple encryption schemes including manual IPSec, FWZ-1, SKIP and ISAKMP/Oakley;
  • SecuRemote™ client encryption software for secure remote access, extending the VPN to PCs and laptops anywhere in the world;
  • Support for multiple platforms including UNIX and NT servers and internetworking devices from leading hardware vendors.

Over the coming year, Check Point will enhance its VPN solution to include state-of-the-art public key technology through the integration of Certificate Authorities/Public Key Infrastructure (CA/PKI). Check Point will offer:

  • Entrust-Ready™ versions of its FireWall-1 VPN server software and SecuRemote client remote access software providing integrated CA/PKI capabilities in Q2 1998;
  • Interoperability with leading CA and authentication vendors such as VeriSign and Security Dynamics through the OPSEC™ enterprise security framework standard in Q2 1998, enabling customers freedom of choice in deploying CA and authentication solutions;
  • Easy-to-use, easy-to-install PKI software bundled with Check Point's VPN solution, delivering a standalone, shrinkwrapped product in Q3 1998;
  • Management of the PKI solution from Check Point's management GUI, delivering complete enterprise security management including CA/PKI in Q3 1998.

Traffic Control/Performance

The second component critical in implementing an effective VPN is traffic control to guarantee reliability, Quality of Service and high-speed performance. Internet communications can become congested, rendering them unsuitable for critical business applications unless that traffic can be prioritized and reliably delivered. This is especially true in extranet VPNs, where lower speed WAN connections exacerbate the problem. Furthermore, the addition of a VPN will increase traffic on the network, compounding performance problems. Therefore, it is imperative that a VPN solution have an integrated traffic control mechanism for improved VPN reliability and performance.

Check Point's current solutions in the area of traffic control and reliability include:

  • Policy-based, enterprise-wide bandwidth management with Check Point FloodGate-1TM . Used alongside FireWall-1 VPN, customers can actively control bandwidth and ensure that VPN business-to-business electronic commerce traffic, for example, is given a higher priority over less critical data exchanges;
  • Server load-balancing with ConnectControlTM ;
  • High-availability solutions from third-parties integrated through OPSEC.

In 1998, Check Point will enhance its VPN offerings in the traffic control area with the following:

  • High-speed encryption acceleration with plug-and-play boards co-developed with Chrysalis-ITS. Available in Q2 1998, the 10Mbps and 100Mbps boards for Solaris and Windows NT accelerate the cryptographic functions of IPSec with ISAKMP/Oakley key management without requiring any reconfiguration of the FireWall-1 VPN solution;
  • Check Point will deliver a version of its VPN solution that includes fully-integrated bandwidth management functionality in 2H 1998.

Enterprise Management

The final critical VPN component is enterprise management, which guarantees integration of VPNs into the overall security policy, local or remote centralized management, and scalability of the solution. As today's network infrastructure continues to grow, the ability to manage increasing complexity and to provide ease of deployment and administration for a growing number of users is a crucial differentiator for VPN solutions. In addition, because a VPN is an extension of the enterprise's total security policy, the ability to define a single enterprise-wide security policy that includes VPNs and to manage and control this policy from a central management console is critical in implementing a successful and secure network.

Check Point's VPN solution uniquely delivers customers the following enterprise management capabilities:

  • Integration of all VPNs into the existing enterprise security policy, including easy addition of new users, applications and VPNs;
  • Central management of all enterprise security components, including VPNs, from a single console;
  • Multi-platform support across UNIX and Windows NT servers and internetworking devices from leading hardware infrastructure vendors.

In the coming year, Check Point will expand its policy-based management to provide:

  • Support for directory services, including integration with LDAP (Lightweight Directory Access Protocol) in Q2 1998 for ease of user management and increased scalability;
  • CA/PKI with integrated ISAKMP/Oakley key management for scalability and ease of VPN administration in Q2 1998;
  • New VPN software packages and price points that meet a variety of customer requirements and business sizes in FY 1998.

About Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. is a leading provider of policy-based enterprise security and traffic management solutions. Through its patented Stateful Inspection technology, the company is uniquely positioned to deliver Secure Enterprise Connectivity solutions that protect information assets and enhance the performance of enterprise networks. Check Point offerings include the world's leading enterprise security suite, Check Point FireWall-1, and the industry's premier policy-based bandwidth management solution, Check Point FloodGate-1. The company has U.S. headquarters in Redwood City, California and international headquarters in Ramat-Gan, Israel. For product information, please visit our web site at http://www.checkpoint.com

###

 

1998 Check Point Software Technologies Ltd. Check Point, the Check Point logo, Check Point FireWall-1, FireWall-1, SecuRemote, FireWall-First!, OPSEC, INSPECT, FloodGate-1 and IQ Engine are trademarks or registered trademarks of Check Point Software Technologies Ltd. Entrust is a registered trademark of Entrust Technologies Limited. All Entrust product names are trademarks of Entrust Technologies Limited. All other product names mentioned herein are trademarks of their respective owners.