Check Point Software Technologies introduced two new blade-form-factor firewall appliances Tuesday, along with an upgrade to its software to manage increasingly complex security environments. Check Point says the new 61000 and 21400 model firewall blades deliver not only firewall protection, but also deliver intrusion prevention, data loss protection and application control.
Check Point said the 61000 model, with a list price starting at $195,000, is scalable up to 1 Tbps of throughput, and is intended for enterprise data centers, telecommunications carriers and cloud service providers. The 21400, starting at $115,000, scales up to 100 Gbps. The performance measures are Check Point’s own numbers and not independently verified.
The software that runs on the blades, version R75.20, adds new features not in its predecessor, version R75.0, says Oded Gonda, VP of network security products at Check Point.
For one thing, it includes a new metric, created by Check Point, that measures the performance needed for the security IT infrastructure given the tasks it is assigned, says Gonda. Firewall performance is usually measured by throughput--how many gigabits of data pass through it per second. But for other tasks, such as data loss prevention (DLP), application control or intrusion prevention, throughput isn’t the appropriate measure.
Check Point has created the Security Power Unit (SPU), a tool that an IT administrator can use to enter the security tasks he or she wants provided. The administrator is then presented with an SPU of what the performance requirements would need to be. Each security solution would have its own SPU rating, and the administrator could throttle up the system to provide that performance, plus a little headroom for good measure.
"In a way, it allows you to play with different scenarios on what you need today and what you might need in the future, and then plan how much you want to invest in your hardware relative to the headroom you might want to have," Gonda explains.