Check Point Adds VOIP Support to Secure Virtual Network

Check Point Software Technologies Inc. ( recently took the wraps off an architecture designed to incorporate all the elements for a secure Internet environment.

Unlike available VPNs, Check Point’s secure virtual network (SVN) provides secure and seamless Internet connectivity between networks, systems, applications, and users across the Internet, intranets, and extranets.

"The SVN is an architecture in which we provide security layers across the enterprise, the Internet, intranets, and extranets, and provide end-to-end connectivity, including partners and customers," says Raymond Kruck, OPSEC Alliance manager at Check Point.

The SVN solution consists of three parts: VPN-1/FireWall-1 suite for secure Internet communications; VPN-1 SecureClient and VPN-1 SecureServer to advance enterprise security by protecting individual clients, servers, and confidential client/server communications within a corporate network or across the Internet; and Reporting System, an analysis and reporting tool that integrates with VPN-1/FireWall-1 suite for secure Internet communications.

The new VPN-1/FireWall-1 product family integrates three areas of functionality critical to enterprisewide VPN deployment: high availability, PKI interoperability, and integrated bandwidth management. As with previous versions of the product, VPN-1 is fully integrated with FireWall-1 for seamless security and comprehensive centralized management.

VPN-1 SecureClient serves as a remote access VPN client and a corporate desktop VPN client. When used in conjunction with VPN-1 SecureServer, organizations can secure communications between individual clients and servers running sensitive enterprise applications -- such as those from Oracle Corp., SAP AG, or PeopleSoft Inc. -- and popular Internet-based applications such as e-mail, Web browsing, and file transfer. In addition to the client/server security it delivers, VPN-1 SecureClient provides a personal firewall capability that protects clients by enforcing a centrally managed security policy at the client level.

The Reporting System enables companies to monitor and assess the usage of Internet resources and to implement proper accounting and planning.

Kruck says SVN is useful for e-commerce and other servers that transfer large amounts of information that needs to be secure. "SVN takes legacy technology and we’ve added to it to make it more secure," he says.

In early October, Check Point added support for IP telephony, or voice over IP (VOIP), to the overall SVN architecture. Check Point’s SVN architecture addresses three key areas for VOIP deployment: security, quality of service, and latency.

The company’s Stateful Inspection technology helps low-latency connections by recognizing the standard H.323 protocol as well as proprietary VOIP protocols and sustaining the dynamic connection.

"The whole reason of VOIP is to leverage your existing network and its security," Kruck says. "So we will work with any vendor that supports the H.323 protocol."

The alliance has gained support from leading VOIP vendors, such as Clarent Corp., VocalTec, Shoreline Teleworks, Lipstream, PingTel, and Voxware.

Michael Howard, principal analyst at Infonetics Research Inc. (, says security is necessary for VOIP deployment.

"Today, carriers and service providers are deploying VOIP in a variety of ways, and callers may not even be aware that their calls are undergoing VOIP processing. Check Point is making sure that security is just as reliable and transparent as VOIP transport."