Check Point charts its firewall direction

Redwood City, Calif.

Check Point Software Technologies, Ltd. today will lay out plans to buttress its flag-ship firewall with support for X.509 certificates, hardware-based encryption and other technologies.

Under a cross-licensing agreement with Entrust Technologies, Inc., Check Point will ensure that its FireWall-1 can authenticate end users for remote access based on their Entrust X.509 certificates. Once Check Point completes its work with Entrust to develop a set of APIs for this type of validation check, Check Point will publish the APIs so other certificate authority product vendors, such as VeriSign, Inc., can use them.

Check Point also is improving the speed with which FireWall-1 can encrypt and decrypt confidential IP traffic.

The company will do this by adding support for hardware-based encryption technology, which is faster than FireWall-1's existing software-based encryption technology.

Check Point will offer PCI-based 10M bit/sec or 100M bit/sec accelerator boards co-developed with Canadian manufacturer Chrysalis-ITS. The boards, for workstations running Solaris or Windows NT, speed up all encryption processing associated with the IETF's IP Security standard.

Also on Check Point's agenda this year is the integration of the company's FloodGate-1 traffic prioritization technology in to FireWall-1. FloodGate-1 currently sits behind FireWall-1 and handles congestion control for traffic entering or exiting the firewall.

"Customers are telling us they don't want to have stand-alone devices for security anymore," said Jacqueline Ross, Check Point's vice president of marketing.

However, Check Point will continue to sell FloodGate-1 separately. Check Point: (650) 482-4900