Check Point acts on my advice

While I admit that senior management at Check Point Software does not arise every day and ask themselves "What would Stiennon do?", sometimes I think they should. A few hours ago Check Point announced that they were going to acquire the security appliance business from Nokia. This is the right thing to do and Check Point deserves congratulations on making the most important strategic move in their history.

(Watch a slideshow of the hottest M&As of 2008.) 

But is it too late? It has been a little over two years since my letter to Check Point's CEO and founder Gill Schwed was published in Network World. In that letter I gave Gil three pieces of advice.Move operations to the United States.Acquire a security appliance product.Innovate.

• 

• 

• 

I specifically warned Check Point: "This is not a time to copy RSA, IBM, Symantec and McAfee by acquiring multiple pieces of the security pie and hope to meet Wall Street's appetite for improved numbers quarter over quarter. This is a time to dominate the network security space and leverage that dominance in the network; not the desktop, not the data, not physical security, not the server, not the data center- the network."

Check Point never formally responded to my letter. But, I did get a call from Check Point's U.S. marketing team when Check Point acquired PointSec, the disk encryption company. The message was "this is our response to your letter to Gil." You can see they misread my advice.

So today Check Point finally acquires a security appliance product, one that is well respected in the industry and has an installed base of 220,000 according to their announcement. My advice two years ago: "Check Point should acquire an existing platform that is already successful in supporting FW-1, your flag ship product. Check Point must own the platform in order to execute on the rest of my advice."

There were only two choices at the time: Nokia and Crossbeam.

Now comes the hard part. If Check Point is to truly take advantage of the opportunity in the network they must heed my advice from Oct. 26, 2006: "After investing the capital in a hardware acquisition there is work to be done. You have to maintain your existing channel while you cut prices, increase partner margins, and introduce new product configurations and support. There are four segments in the network security arena: enterprise gateway, enterprise core, SME and carriers. Across all of these segments your products need a major overhaul. They must be capable of processing entire packets and even sessions at speeds that exceed what your current products do with just packet headers."

The network security game is far from over. The dominant players have failed completely to innovate. Cisco has discontinued its line of PIX firewalls and is executing on one of the most massive replacement programs in the business. The sum total of Juniper's improvement of the $4 billion Netscreen acquisition is pretty close to zero. Symantec left the market. McAfee is blundering back into it with the acquisition of Secure Computing. New players like Fortinet, Barracuda, NetASQ, and PaloAlto Networks, are demonstrating that there is an appetite for devices that do more than statefull firewall inspection. There is room for a company with good products and great marketing to dominate the network security space the way Check Point did 10 years ago.

With investment in R&D, and a focus on the network that company could be Check Point 2.0.

Learn more about this topic

Wake up call: An open letter to Gil Shwed, CEO of Check Point Software

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT