* Check Point readies Generation with Application Intelligence Check Point next month is scheduled to ship a version of its software that enables its firewalls to peer deeper into packets and make application-level decisions about whether to block traffic.Called Generation with Application Intelligence (NGAI), the software and the accompanying graphical interface SmartDefense, let users quickly set up filters that look for classes of attacks such as HTTP encoding, directory traversal and FTP bounce, as well as specific attacks such as Code Red, Nimda and SQL slammer worms.NGIA finds these things in several ways. It can check that protocols comply with standards, so it would flag an HTTP packet whose header violates standards by carrying binary data, for example. It can also look for suspicious anomalies such as extremely long HTTP headers. Users can set policies so the software triggers alarms, sends notifications or alters firewall settings to block perceived attacks.Policies can also flag traffic if an application is performing unauthorized operations, such as file sharing. Users can choose to divert data to supplemental security applications, so it might send e-mails containing executable files to an antivirus platform for screening. NGIA represents Check Point’s plan to move further into policy-based filtering that goes beyond its traditional network firewalling and into an area where packets are peered into more deeply. Other vendors with similar functionalities include Array, Fortinet, Ingrian, Netcontinuum, Tipping Point and to some extent content switch suppliers such as Blue Coat Systems and F5 Networks. NetScreen is headed in this direction via its purchase of OneSecure.As one analyst says, this could be a new turn for firewalls. In the early days, firewalls were standalone software but have become commonly paired with VPNs. Now, it seems that they may become paired with other, higher-layer security. Users looking for all-in-one security platforms should continue to monitor these vendors to see whether they deem them ready for use in their networks. They could represent a new wave of simpler-to-administer security. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Cloud Computing Networking Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe