Check Point this week announced it will introduce two products by mid-2004 that will address Web security and internal network security for businesses. Called Web Security and Internal Security, these two product families can be deployed independently or integrated with current Check Point products such as VPN-1/Firewall-1. In an interview with Network World Senior Editor Tim Greene, Check Point's Chairman and CEO Gil Shwed gave some flavor of what the new products would include.

What is Check Point up to?

We’re in the process of launching a new strategy that’s based on three technological areas: perimeter security, internal security and Web security.

On the perimeter security side, I think we are known for many years. I think what we see more and more interesting is companies that need to protect internally their network. We’ve seen all the recent worms that attacked once and got to one computer, but somebody downloading something spread it around the company so we see a lot of need to provide multiple levels of security inside the company, internal gateways all the way down to the desktop to provide that kind of internal security. I think the solution that we have is some good technology - which can be a good basis but it does require some new innovation.

On the Web security front we see an increasing need for using the Web and an increasing need to provide a more consistent, more uniform and more global type of access to Web resources. Today there’s a lot of discussion of SSL VPNs, which are in some cases good point products, but they need to be something much bigger than that in the way you can manage access to Web resources.

You say SSL remote access is a point product. What ought it evolve into so it’s not a point product?

Getting all the kinds of access and all the kinds of security for Web access and remote access combined. For example, SSL VPNs can provide a reasonable solution so you can access information. If you access information and it’s not very classified - let’s say a past article or things that you share with other people - good. But if you try to access very confidential data - now you want to download the presentation or download the document - if you don’t have control over the endpoint you might find that you are leaving files behind and creating a very big security hole.