October 08, 2001, 3:47 PM — Check Point Software Technologies Ltd. Monday announced the release of the new version of its Provider-1 Internet security management system for service providers, telecommunication vendors and large companies, as well new features for its OPSEC security framework.
Provider-1 Next Generation adds new management, auditing, policy creation and implementation and updating features to Check Point's large-scale firewall administration tool. The software adds Total Availability Management (TAM), a system by which customer data is constantly synchronized between different Provider-1 servers to create redundant functionality and multiple administration options, said Mike Lee, product marketing manager at Check Point. TAM will allow administrators at one location to take over the duties of administrators at a second location if the second location loses network connectivity or has other troubles, Lee said.
The new software also includes support for Dynamic Global Objects, a method by which administrators are able to build generic rules and policies that apply to all client networks and are customized to work for each network's specific topology after the policy is sent to the firewall serving that network, Lee said. This feature aims to save the time and effort needed to create policies specific to each client network. In the service provider setting targeted by Provider-1, that could be the hundreds of networks, he said. In addition, management servers are now able to store up to 500 policies, up from 200 in the previous version of Provider-1, he said.
Beyond Dynamic Global Objects, Provider-1 Next Generation also offers SecureUpdate, which allows administrators to automatically and remotely deploy software and license updates to firewalls, Lee said. This not only saves time and money, but also allows new features to be enabled on the firewalls even after they've been deployed, he said.
Provider-1 Next Generation includes its own digital certificate authority and provides a raft of new administration and auditing features. The software includes log file redundancy across multiple servers, automated log archiving that can be set to trigger based on certain events or times and detailed tracking of who makes changes to the system, Lee said.
Though the weakness in the U.S. economy has affected the businesses of the companies targeted with Provider-1 -- most notably hosting company Exodus Communications Inc., which filed for bankruptcy protection in late September -- Check Point's business is still strong, Lee said.
"It is tricky," he admitted. "It's not easy business anymore like it was in 2000."
Even so, Lee said he actually expected more "tales of woe" than he has heard thus far, so the news hasn't been as bad as he anticipated.