Check Point Software Delivers Breakthrough Security Advancements with Firewall-1 3.0; Industry's First to Offer Content Security, Connection Control, Advanced Authentication and Encryption Integrated into an Open Enterprise Security Platform.REDWOOD CITY Redwood City, city (1990 pop. 66,072), seat of San Mateo co., W Calif., on San Francisco Bay; inc. 1868. Manufactures include commmunications, electrical, electronic, and medical equipment. , Calif.--(BUSINESS WIRE)--Oct. 7, 1996--Check Point FireWall-1 3.0 New Features Include: Content Security: -- Content Vectoring Protocol The introduction to this article provides insufficient context for those unfamiliar with the subject matter. Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. (CVP CVP central venous pressure. CVP abbr. central venous pressure CVP central venous pressure. CVP Central venous pressure, see there ) -- Anti-Virus Protection -- URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. Screening -- Java Security Connection Control -- Connection Load Balancing The fine tuning of a computer system, network or disk subsystem in order to more evenly distribute the data and/or processing across available resources. For example, in clustering, load balancing might distribute the incoming transactions evenly to all servers, or it might redirect them -- High Availability/Fault Tolerance Enterprise Management -- Network Usage Accounting -- Enhanced Management Interface -- Enhanced Address Translation Authentication & Encryption -- SKIP and Manual IPSec Encryption Support -- RADIUS Authentication Protocol Support -- AssureNet Authentication Server A device used in network access control. It stores the usernames and passwords that identify the clients logging in, or it may hold the algorithms for token access (see authentication token). Support -- Transparent Authentication Capabilities Furthering its position as the technology leader and premier developer of network security software solutions, Check Point Software Technologies Ltd. today announced breakthrough advancements in secure enterprise connectivity with Check Point(TM) FireWall-1(TM) 3.0. The new product, based on the company's patent-pending "Stateful Inspection A firewall technology that ensures that all inbound packets are the result of an outbound request. Also called "stateful packet inspection" (SPI), it was designed to prevent harmful or unrequested packets from entering the computer. "(TM) architecture, is the first firewall in the industry to offer integrated content security, connection control and multiple encryption schemes delivered in an open security platform. FireWall-1 3.0 also provides an array of sophisticated new security and management features to enable network managers to define and manage a fully integrated and comprehensive security policy from a central security console, including advanced network management, expanded authentication and encryption capabilities, improved user interface options and additional application support. "The rapid adoption of the Internet and its integration into complex enterprise information systems are requiring a much broader base of security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the , integrated into a comprehensive enterprise security system with powerful content security and centralized management capabilities," said Dr. Deborah Triant, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Check Point Software Technologies, Inc. "Check Point is pleased to be at the forefront of this revolution by introducing FireWall-1 3.0, the most advanced and complete solution for secure enterprise connectivity available on the market today." "Encryption and authentication are already above and beyond what is expected of the traditional firewall," said Ted Julian, industry analyst at International Data Corporation. "Content security and connection control, together with advanced enterprise management tools, are critical advancements that move FireWall-1 into a whole new category as the industry's most advanced platform to enable the construction of secure enterprise networks." Content Security The unique content security features in FireWall-1 3.0 enable intelligent inspection of communications content and protect users from various hazards, including computer viruses, malicious Java applets and undesirable Web content. Check Point FireWall-1 3.0's content security features are comprised of the Content Vectoring Protocol (CVP), an open protocol for integrating external and third-party content inspection programs, plus integrated content inspection capabilities for anti-virus protection, URL screening and Java security. Content Vectoring Protocol and Anti-Virus Protection The new Content Vectoring Protocol (CVP), integrated into FireWall-1 3.0, provides an open specification to enable the integration of external and third-party content screening software in a "plug-in" manner. The CVP was developed in conjunction with and is supported by leading content security vendors, including Cheyenne Software, Integralis, McAfee Associates, Symantec and Trend Micro Incorporated, to simplify deployment of anti-virus products in tandem Adv. 1. in tandem - one behind the other; "ride tandem on a bicycle built for two"; "riding horses down the path in tandem" tandem with Check Point FireWall-1 (see related release). The CVP also provides a "plug-in" interface for Check Point s FTP FTP in full file transfer protocol Internet protocol that allows a computer to send files to or receive files from another computer. Like many Internet resources, FTP works by means of a client-server architecture; the user runs client software to connect to , HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. and SMTP (Simple Mail Transfer Protocol) The standard e-mail protocol on the Internet and part of the TCP/IP protocol suite, as defined by IETF RFC 2821. SMTP defines the message format and the message transfer agent (MTA), which stores and forwards the mail. security servers. Check Point FireWall-1 3.0 also provides integrated anti-virus capabilities via Cheyenne Software's InocuLAN anti-virus software anti-virus software n → Antivirensoftware f , which is bundled with FireWall-1 3.0, to offer users an integrated solution to screening transmission contents for harmful computer viruses. URL Screening FireWall-1's URL screening capabilities preserve valuable company bandwidth and add another level of network control by allowing network managers to restrict access to specific Web pages. This enables network managers to define flexible corporate security policies that ensure employees only download and access appropriate Web page information. In addition, the URL screening can be leveraged to record the types of URLs accessed for internal analysis needs, increasing the management capabilities of the FireWall-1 security platform. Check Point's URL screening is initially compatible with two leading URL list vendors, Netegrity/Microsystems and NetPartners (see related release). Java Security FireWall-1's Java security capabilities provide the highest degree of flexibility available today from any firewall vendor by enabling network managers to block Java applets entirely or allow Java applet traffic through the firewall, protecting against the most common and known Java network attacks. Check Point's industry-leading Java security capabilities were developed based on technical input from Sun JavaSoft and Netscape Communications (see related release). Connection Control FireWall-1 extends its leading policy enforcement capabilities with the ConnectControl(TM) product module, offering additional sophisticated features including application-independent load balancing and high availability/fault tolerance. FireWall-1's load balancing capabilities allow the network manager to transparently increase server capacity for a given application, such as Web access or FTP, by representing a series of replicated servers supporting that application as a single logical IP hostname. FireWall-1 ConnectControl then dynamically balances the load for optimum performance, distributing client requests across the servers and in a manner transparent to the clients. Additionally, servers may be located in a single, geographic location for all applications or, for Web traffic, servers can be distributed in multiple geographic locations to improve service to users in globally dispersed locations. An industry first, FireWall-1 3.0's high-availability is designed to offer uninterrupted network connectivity by allowing multiple FireWall-1installations on the network to share state tables. As a result, if one network connection fails, a backup firewall can take its place to maintain secure corporate Internet connectivity. In addition, this state table synchronization also provides a solution for firewalling enterprises that have asymmetric routing in their networks. FireWall-1's high availability Also called "RAS" (reliability, availability, serviceability) or "fault resilient," it refers to a multiprocessing system that can quickly recover from a failure. There may be a minute or two of downtime while one system switches over to another, but processing will continue. ensures continuous Internet and Intranet access to and within the corporation. Enterprise Management The data collection and analysis capabilities of FireWall-1 3.0 have been expanded to include network usage reporting and accounting capabilities. These features have been provided by extending the range of information captured at the inspection modules, such as the amount of data downloaded or session length, and enabling this data to be exported, allowing more detailed data manipulation Processing data. and reporting for such uses as internal chargeback Chargeback The charge a credit card merchant pays to a customer after the customer successfully disputes an item on his or her credit card statement. Notes: Customers dispute charges to their credit card usually when goods or services are not delivered within the or billing. FireWall-1 3.0 also offers improved user interface capabilities by providing a Motif-based interface across UNIX UNIX Operating system for digital computers, developed by Ken Thompson of Bell Laboratories in 1969. It was initially designed for a single user (the name was a pun on the earlier operating system Multics). environments. FireWall-1's enhanced address translation increases network flexibility and security by enabling network administrators to simultaneously translate source and destination IP addresses, to hide the source address and translate the destination address, for example. Graphical user interface graphical user interface (GUI) Computer display format that allows the user to select commands, call up files, start programs, and do other routine tasks by using a mouse to point to pictorial symbols (icons) or lists of menu choices on the screen as opposed to having to support for address translation configuration and management is also integrated in the new version. Additionally, a new view within the user interface dynamically displays all live sessions, enabling network managers to monitor all open connections in real-time. Encryption & Authentication Today's enterprise client/server networks pose new and unique challenges to maintaining adequate security due to the wide range of remote interactions that can take place between clients and servers over a geographically distributed network. FireWall-1 3.0 widens its security capabilities with new encryption and authentication capabilities to offer additional technology choices for implementing secure wide area networks. FireWall-1 currently offers support of leading encryption technologies including Diffie-Hellman for key management, RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. for digital signature schemes, as well as DES, the recognized standard encryption technology and Check Point's proprietary, exportable encryption algorithm A formula used to turn ordinary data, or "plaintext," into a secret code known as "ciphertext." Each algorithm uses a string of bits known as a "key" to perform the calculations. The larger the key (the more bits), the greater the number of potential patterns can be created, thus making , FWZ1. With version 3.0, FireWall-1 is also the industry's first firewall to support three encryption schemes -- FWZ, Check Point's proprietary encryption scheme, SKIP (Simple Key-Management for Internet Protocols), an emerging encryption standard, and manual IPSec. Check Point has expanded the range of authentication methods available to today's network manager by including compatibility with the RADIUS protocol standard to allow interoperability with emerging third-party RADIUS authentication servers. Check Point has also added support for AssureNet's (formerly Digital Pathways) authentication servers. In addition, FireWall-1 now offers transparent client and user authentication See authentication. , allowing users to be transparently challenged for user and password information without requiring them to be aware of firewall locations in the network. This simplifies network access while allowing the full power of authentication to enable network access based on user information. Enhanced Application Support FireWall-1 3.0 adds support for numerous Internet multimedia applications including Netscape's CoolTalk, Xing Technology's StreamWorks, and Microsoft NetMeeting Microsoft NetMeeting is a VoIP and multi-point videoconferencing client included in many versions of Microsoft Windows (from Windows 95 OSR2 to Windows XP). It uses the H. . Check Point FireWall-1, which today supports hundreds of applications, services and protocols, is designed to allow administrators to easily customize the firewall to incorporate new and custom applications. Many Internet audio and video technologies are based on connectionless protocols such as UDP UDP (uridine diphosphate): see uracil. (User Datagram Protocol) A protocol within the TCP/IP protocol suite that is used in place of TCP when a reliable delivery is not required. and dynamically allocated channels. This makes it difficult or impossible for most firewalls to support these technologies securely. FireWall-1's Stateful Inspection implementation secures UDP-based applications by maintaining a virtual connection on top of UDP communications. FireWall-1's programmable INSPECT(TM) engine, at the core of the FireWall-1 technology, enables extensible Stateful Inspection and allows Check Point to provide support for new and custom applications quickly and easily. Pricing and Availability Check Point FireWall-1 3.0 and the separately available ConnectControl product module will be available before the end of the fourth quarter of 1996. Pricing will be announced at that time. Version upgrades to Check Point FireWall-1 3.0 will be available free of charge to any customers purchasing Check Point FireWall-1 2.1 on or after Oct. 7 for a 90 day period. About Check Point Software Technologies Ltd. Check Point Software Technologies Ltd. (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : CHKPF) is the leader in global network security software and inventor of a new generation firewall technology called Stateful Inspection, which is quickly emerging as the industry standard. The company commanded a 40% share of the worldwide firewall market in 1995 according to an IDC study issued in Feb. 1996. Its products are sold worldwide through OEM (Original Equipment Manufacturer) The rebranding of equipment and selling it. The term initially referred to the company that made the products (the "original" manufacturer), but eventually became widely used to refer to the organization that buys the products and partners, distributors, VARs, systems and network integrators and Internet Service Providers Internet service provider (ISP) Company that provides Internet connections and services to individuals and organizations. For a monthly fee, ISPs provide computer users with a connection to their site (see data transmission), as well as a log-in name and password. . The company has U.S. headquarters in Redwood City, Calif., and international headquarters in Ramat-Gan, Israel. For product information, please call 415/562-0400, e-mail info@checkpoint.com or visit Check Point at http://www.checkpoint.com. -0- Note to Editors: 1996 CHECK POINT Software Technologies, Ltd. CHECK POINT, the CHECK POINT logo, CHECK POINT FireWall-1, FireWall-1 SecuRemote, FireWall-1 ConnectControl and FireWall-First! are trademarks of CHECK POINT Software Technologies Ltd. All other product names mentioned herein are trademarks of their respective owners. CONTACT: Check Point Software Technologies, Inc. Emily Cohen cohen or kohen (Hebrew: “priest”) Jewish priest descended from Zadok (a descendant of Aaron), priest at the First Temple of Jerusalem. The biblical priesthood was hereditary and male. or Jessica Johannes, 415/562-0400 Ext. 228 or 236 emily@us.checkpoint.com jessica@us.checkpoint.com |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion