CheckPoint Software Unveils Open Security Platform Strategy; CheckPoint's Open Platform For Secure Enterprise Connectivity OPSEC Provides Integrated Network Security Through Open APIs and Support for Industry-Standard Interfaces.REDWOOD CITY Redwood City, city (1990 pop. 66,072), seat of San Mateo co., W Calif., on San Francisco Bay; inc. 1868. Manufactures include commmunications, electrical, electronic, and medical equipment. , Calif.--(BUSINESS WIRE)--Nov. 18, 1996-- CheckPoint Software Technologies Ltd., the market leader in network security software, today announced OPSEC (OPerations SECurity) The U.S. military term for concealing critical information as part of a counterintelligence plan. A form of "security by obscurity," OPSEC determines what information adversaries can obtain or piece together from observation and to provide measures for , Check Point's Open Platform for Secure Enterprise Connectivity. OPSEC is a revolutionary concept in enterprise-wide security -- a single platform that integrates and manages all aspects of network security through an open, extensible management framework, using a combination of published application programming interfaces (APIs), support for industry-standard protocols and a high-level scripting language A high-level programming, or command, language that is interpreted (translated on the fly) rather than compiled ahead of time. A scripting, or script, language may be a general-purpose programming language or it may be limited to specific functions used to augment the running of an . As a result of this new architecture, customers can easily and seamlessly integrate a full spectrum of security applications from Check Point and other vendors to manage functions such as access control, address translation, authentication, auditing, accounting, encryption and content security. This approach allows customers to choose the system components that best meet their requirements and to rapidly exploit the latest developments in security technology. With OPSEC, all facets of network security are defined and driven by a single, central enterprise-wide security policy, ensuring that corporate security is safer, simpler to maintain and more comprehensive than ever before. "Recent polls have shown that CIOs and IS chiefs recognize the need for integrated network A network that supports both data and voice and/or different networking protocols. See converged network and new public network. security, but don't have the time or resources to conduct the rigorous interoperability testing required for the various components of an integrated security policy," said Dr. Deborah Triant, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Check Point Software Technologies, Inc. "OPSEC provides companies with an open network security platform that answers customers' security demands today and provides the scaleability and extensibility to make it a good investment for the future." Open, Client/Server Framework The cornerstone of OPSEC is its open framework, which enables powerful, selective deployment of current technologies from Check Point and third-party vendors, providing the ability to leverage new developments in security applications as they become available. Designed to offer unparalleled flexibility, OPSEC allows security managers to integrate third-party security technologies through openly-published APIs and the support of public standards. In addition, customers can use the INSPECT(tm) programming language to create a customized solution tailored for each organization's security challenges. Based on a distributed client/server architecture An environment in which the application processing is divided between client workstations and servers. It implies the use of desktop computers interacting with servers in a network in contrast to processing everything in a large centralized mainframe. See client/server. , OPSEC makes it easy for network administrators to define the integrated network security policy from a central management console and enforce that policy enterprise-wide. Once the rule-based security policy is defined through Check Point's graphical interface on the management console, an INSPECT script is generated from the rule base for each firewall module being managed. The INSPECT scripts are then compiled and sent to the various firewall modules throughout the network which may reside on workstations, servers, routers, or a combination of these platforms. Each of these firewall modules contains an INSPECT Virtual Machine (VM), which implements the security policy and invokes the appropriate actions through either internal VM components or external plug-in security applications. The INSPECT language can also be used to customize the security system through supplemental INSPECT scripts that modify the behavior of the INSPECT VMs. Plug-In Through Open APIs and Open Industry Standards The OPSEC open framework provides customers with a broad range of internal and external plug-in security services. OPSEC provides built-in applications for access control, authentication, content security and network address translation. Customers also have a choice of add-on functionality for encryption, to create Virtual Private Networks using the Internet, and connection control, to extend their network security functionality to include load balancing and fault tolerance. In addition to these internal plug-in applications, OPSEC defines open APIs for third-party security applications to be plugged into the INSPECT Engine. Check Point will publish the following APIs (Application Programming Interfaces) for third-party application integration: Content Vectoring Protocol The introduction to this article provides insufficient context for those unfamiliar with the subject matter. Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. (CVP CVP central venous pressure. CVP abbr. central venous pressure CVP central venous pressure. CVP Central venous pressure, see there ) -- enables the integration of virus scanning software and other content inspection programs; Suspicious Activity Monitoring Protocol (SAMP) -- enables the integration of suspicious activity monitoring programs and allows them to modify access privileges upon detection of any suspicious network activity, such as several attempts to gain unauthorized access; and URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. Filtering Protocol (UFP UFP United Federation of Planets (Star Trek) UFP Union des Forces Progressistes (French: Union of the Forces Progressists, Quebec provincial party) UFP URL Filtering Protocol ) -- enables the integration of URL list services to limit access to specific Web pages from behind the firewall. Support for open standards, where defined, is another facet of providing easy integration of ancillary applications in Check Point's open security platform. Check Point will support the following open industry standard protocols in OPSEC: RADIUS -- allows interoperability with emerging third-party RADIUS authentication servers; SNMP (Simple Network Management Protocol) A widely used network monitoring and control protocol. Data are passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc. -- already supported by Check Point, enables interoperability with popular network management software, such as H-P OpenView, SunNet Manager, and IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) NetView 6000; LDAP (Lightweight Directory Access Protocol) A protocol used to access a directory listing. LDAP support is implemented in Web browsers and e-mail programs, which can query an LDAP-compliant directory. (Lightweight Directory Application Protocol) -- enables OPSEC to extract user information from other LDAP-based directories; ODBC (Open DataBase Connectivity) A database programming interface from Microsoft that provides a common language for Windows applications to access databases on a network. -- enables customers and third-parties to download Check Point log information to any ODBC-compliant database, including Oracle, Sybase, Informix and Microsoft for accounting purposes and security auditing/intrusion detection; FORTEZZA -- a government standard for hardware-based token authentication; IPSec ISAKMP (Internet Security Association and Key Management Protocol) A framework for establishing trusted interactions among entities using TCP/IP. See IKE. ISAKMP - Internet Security Association and Key Management Protocol -- the mandatory key management scheme defined for the IETF See Internet Engineering Task Force. IETF - Internet Engineering Task Force IPsec standard which allows interoperability between various network encryption products for Virtual Private Networking; and SKIP -- (Simple Key-Management for Internet Protocols), the optional key management scheme defined for the IETF IPsec standard. Customize and Extend Through INSPECT The INSPECT language is used by Check Point to extend the functionality of the network security system as well as to add support for new and emerging applications through the firewall, such as Netscape CoolTalk, Microsoft NetShow and NetMeeting, and Xing StreamWorks. Security managers and third-party software developers can also use Check Point's INSPECT programming language to customize and extend OPSEC functionality. By writing a simple, high-level INSPECT script, customers can customize the OPSEC platform to include secure support for a new, custom, or in-house application, or specify customized threshold alerts for suspicious network activity. Customers and third-parties can also use INSPECT to extend OPSEC functionality beyond the traditional security realm, such as creating an accounting and reporting application that plugs into Check Point's FireWall-1 network security solution. Actively Manage Network Traffic In a departure from traditional passive network management methods, which require an event to occur before invoking action, OPSEC enables network managers to `actively' manage their enterprise network traffic by pre-defining the desired network behavior in the central security policy. Rather than incurring a lag-time between the occurrence of a flagged network management event, such as a failed backup drive or an unauthorized data entry attempt, the OPSEC framework provides immediate response to these types of network events based on a dynamic view of the state of network resources and network traffic patterns. This enables companies to establish a proactive course of action to optimize network traffic management, saving time and resources, and improving the quality of service in the network. About Check Point Software Technologies Ltd. Check Point Software Technologies Ltd. (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :CHKPF) is the network security market share leader and inventor of the "Stateful Inspection" architecture. The company commanded a 40% share of the worldwide firewall market in 1995 according to an IDC study issued in February 1996. The company's flagship product, Check Point(tm) FireWall-1(tm), protects internal and external network communications for thousands of organizations of all sizes. Its products are sold worldwide through OEM (Original Equipment Manufacturer) The rebranding of equipment and selling it. The term initially referred to the company that made the products (the "original" manufacturer), but eventually became widely used to refer to the organization that buys the products and partners, distributors, VARs, systems and network integrators and Internet Service Providers Internet service provider (ISP) Company that provides Internet connections and services to individuals and organizations. For a monthly fee, ISPs provide computer users with a connection to their site (see data transmission), as well as a log-in name and password. . The company has U.S. headquarters in Redwood City, California Redwood City is a suburb located on the San Francisco Peninsula in the San Francisco Bay Area of California. Redwood City is the county seat of San Mateo County. As of the 2005 census, the city had a total population of 76,000. and international headquarters in Ramat-Gan, Israel. For product information, please call (415) 562-0400, e-mail info@checkpoint.com or visit Check Point at http://www.checkpoint.com. -0- Note to Editors: c 1996 CheckPoint Software Technologies Ltd. CheckPoint, the CheckPoint logo, CheckPoint FireWall-1, FireWall-1 SecuRemote, INSPECT, Stateful Inspection and FireWall-First! are trademarks of CheckPoint Software Technologies Ltd. All other product names mentioned herein are trademarks of their respective owners. CONTACT: CheckPoint Software Technologies Inc. Emily Cohen cohen or kohen (Hebrew: “priest”) Jewish priest descended from Zadok (a descendant of Aaron), priest at the First Temple of Jerusalem. The biblical priesthood was hereditary and male. , 415/562-0400 X228 |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion