A new interface from Redwood City, Calif.-based Check Point Software Technologies Ltd. is designed to make it much easier to manage the security of overly complex networks.
Built on Check Point’s Secure Virtual Network (SVN) architecture, the Next Generation User Interface, which was announced in February, helps network managers keep track of relevant information about the network. According to Raphael Reich, product marketing manager at Check Point, the interface takes information given to it by the network manager and then draws a visual map of the network’s security environment. Using colour coding for different areas of the network and drawing arrows to show the flow of data traffic on the network, the Next Generation User Interface lets network managers define any number of policies for different groups on the network and can be integrated with third-party products.
“It’s been in the works for a couple of years, but it’s all driven by customer demand,” Reich explained.
He said Check Point customers have been asking for the Next Generation User Interface and wanted to use it to lower the total cost of ownership of a network. Reich noted networks are getting more and more complex and it is becoming increasingly difficult to keep track of the network’s security information. The Next Generation User Interface, he said, puts it right in front of network managers’ faces in an easy-to-use security dashboard.
“It’s designed to simplify administration of VPN and security policies, which can get overly complex,” said Joel Conover, a senior analyst with Sterling, Va.-based Current Analysis. “Rule sets in enterprises are achieving fifty or a hundred rules in some cases now, and you need a way to visually work with these and create rules that don’t conflict and don’t overlap.”
Conover said he is not aware of other products like the Next Generation User Interface, but added Cisco Systems Inc. announced a VPN policy manager in early March. Conover had not yet been briefed on the Cisco product, so he could not comment on it.
Conover said the Next Generation User Interface simplifies the management of VPN and security environments, and it is a big step above a command line interface. Check Point owns an immense market share in the firewall and VPN spaces, he said, but the company is in a unique position because it is solely a software vendor. For hardware, its biggest partner is Finland-based Nokia. The two companies together own a 24 per cent share in the VPN and firewall space, he said.
On March 12, Check Point made another announcement -the launch its new Next Generation Management Infrastructure. Designed for Check Point’s VPN-1 and FireWall-1 products, it includes: an enhanced centralized logging system; the ability to configure the use of a secondary server for VPN-1/FireWall-1 Management Servers and VPN-1 SecureClient Policy Servers; security policy audit trails; and the SecureUpdate tool, which is push technology that automatically updates Check Point security software.
The Next Generation Management Infrastructure and the Next Generation User Interface will be available in the second quarter of 2001. For more information on Check Point, visit www.checkpoint.com.