Check Point digs deep into packets
Software aims to protect Web servers, e-mail, instant messaging from attacks.
By Tim Greene, Network World, 05/12/2003
REDWOOD CITY, CALIF. - Check Point next month is set to give its firewall customers the ability to detect and block application-layer attacks such as the Code Red,
Nimda and SQL Slammer worms.
Called Next Generation with Application Intelligence (NGAI), this release of Check Point's Firewall-1 SmartDefense software
is designed to protect Web servers, e-mail, instant messaging and FTP from a variety of attacks such as HTTP encoding, directory
traversal and FTP bounce.
The application intelligence resides in software that is part of the firewall located at the network's Internet connection. This
software digs deeper into packets than the firewall and can adjust firewall policies to block attacks it detects.
"[NGAI] firewalls are able to delve somewhat deeper into the packet, do some simple signature matching and pattern matching,
but also do some advanced protocol analysis looking for anomalies, be it extended ASCII characters in an HTTP stream or HTTP
headers that are much bigger than they should be," says Scott Loach, senior information security engineer for financial advisory
firm Raymond James Financial Services in St. Petersburg, Fla., which beta-tested NGAI.
He says the new features were part of the default settings of the beta version of NGAI that he tested, and they add another
layer to his network defenses. "The next thing that comes in like SQL slammer or Nimda is going to come in over a common port
like Port 80 or 110 or 25. A normal firewall is just going to permit the traffic."
He says NGAI doesn't displace the firm's other security, which includes an intrusion-detection system, antivirus software,
mail filtering and URL filtering.
The new capabilities will let Check Point compete against other leading firewall vendors Cisco and NetScreen, says Richard
Stiennon, an analyst with Gartner.
Other vendors, focused on using custom chips to rip packets apart, inspect them and apply multiple policies more thoroughly
than NGAI does, will ultimately have the edge, he says. These include Fortinet, NetContinuum, TippingPoint and to some extent
content switches, such as Blue Coat Systems and F5 Networks.
NGAI is available June 3. An update subscription costs $1,000 per gateway or $10,000 for up to 100 gateways.