Check Point Software Technologies' introduction of Check Point Endpoint Security is the latest evidence that the era of point security solutions for laptops and PCs is drawing to a close. Beyond the addition of antivirus, antispyware and a VPN client, it establishes the platform for integration of the data security technologies acquired from PointSec last fall.
"To be a player in this market, you have to deliver an endpoint protection platform,"said Neil MacDonald, a vice president at Stamford, Conn.-based Gartner Inc. "It's not sufficient to have just a great firewall, or just HIPS, or antivirus."
The new release replaces Check Point Integrity and will be an upgrade to SecureClient customers. Called Endpoint Security Secure Access Edition, the first release adds a VPN client to existing NAC, host firewall, application control and some antispyware capabilities. Optionally, customers can add antivirus/antispyware through an OEM version of the Kaspersky Labs engine.
Why a Secure Access Edition? That's where the next and biggest piece comes in. For now, Pointsec's disk encryption and removable media encryption and control are separate--albeit rebranded as Endpoint Security--products. By the end of Q2, Endpoint Security Total Security will be available as a complete integrated package. It will start at $165 per device, about the combined price of the former Pointsec products. The Secure Access Edition starts at $60 per device.
"Desktop encryption still a separate decision," MacDonald said. "But application and device control is a logical progression, as they deliver not only threat protection but also policy enforcement."
Check Point's decision to beef up its endpoint security offering is typical of what's happening in the market. Traditional AV vendors--Symantec, McAfee, Trend Micro, CA, et al, plus some newer endpoint challengers like IBM ISS, eEye Digital, and Fortinet are in various stages of bringing more or less integrated endpoint products to market. Depending on the vendor, these packages can include host firewall, HIPS, NAC, encryption, device and application control, and data leak prevention.
"Check Point had to do this to compete," said Gartner's MacDonald. "The others have already delivered."
Check Point's play has some marked similarity with McAfee, which is integrating newly acquired SafeBoot, which competed with Pointsec and still independent vendors like Utimaco and Credant Technologies.
"There will be healthy market for encryption," MacDonald said. "That's not commoditized yet. It would be good to see an aggressive move to proactively go after business."
Check Point has no illusions about becoming the next Symantec on the desktop, but said this gives customers options for integrated endpoint and data protection.
"Some customers look at antivirus/antimalware as a commodity, as long as they are getting good protection, but that's not our focus, said Dave Burton, director of product management at Check Point. "Large enterprises go for best of breed, but medium-sized organizations are looking to simplify management and reduce costs with a single agent."
To that end, Burton said Check Point would complete the integration with a single management console. Burton added that research is also being conducted in the area of data leak prevention, specifically at gateway.