Renowned as a pioneer of perimeter firewalls, Israeli company Check Point claims to have come up with a new twist to the network security theme - the ‘internal security gateway’.
Launched this week as the InterSpect, Check Point’s new appliance is basically an internal firewall capable of monitoring internal network traffic at packet level, isolating machines or network segments where it detects trouble.
Although the company claims the idea is a new, it has actually been around in different forms for some time. See our expert comment InterSpect – a new take on an old idea
However, the problem InterSpect is looking to address should be well-known to network administrators the world over.
“Most worm attacks come from people inside the network,” commented Check Point’s David Aminzade in advance of the launch. “It [InterSpect] will notify the system administrators and users, telling them a virus has been detected.”
According to Aminzade, all it takes is one worm-infected laptop to be plugged into the network at the end of its travels and that network can then become the launch pad for further mayhem. Since today’s worms spread at incredible speed, there is a need for wire-speed security appliances monitoring traffic inside the network.
In Check Point’s view, none of the current security technologies – anti-virus software, intrusion detection systems, and secure switches – can properly secure networks against internal threats such as worms-on-the-loose.
An update service, SmartDefense, is also available for customers wanting pre-emptive defence against emerging vulnerabilities.
InterSpect does not yet allow the extension of Opsec relationships (a proprietary Check Point software standard), but this should be available by the middle of the year as will central logging and software updating, said Aminzade.
As with early firewalls, InterSpect doesn’t come cheap. It comes in three versions of increasing throughput, which range in price from $9,000 to around $39,000.