Days after merging its operations with tiny startup Carbon Black, US security firm Bit9 has announced a new deal that will see its technology integrated with Check Point firewalls.
The partnership goes some way to explain why Carbon Black found itself on Bit9’s radar. The latter’s innovation is an endpoint sensor that will feed alert data back to Check Point’s Threat Emulation layer, giving an integrated attack detection and incident response in a one-er.
Although rival security vendors downplay firewalls as almost vestigial devices, in Check Point’s Next Generation Firewall universe they remain the central point of policy setting and control for network security. It’s a model in which remote sensors generate information that is fed back to the firewall to co-ordinate a response.
The firms will work to complete the integration between these technologies by the first half of 2014, a fascinating admission; Bit9 has only had Carbon Black in its stable for a week and already getting the Check Point partnership up and running is a driving influence for the sensor.
Bit9 and Check Point are also working to integrate the NGF with Bit9’s own security platform.
“Integrating the Check Point Threat Emulation Service with the Bit9 Security Platform, now with Carbon Black, extends real-time malware prevention, detection, analysis and response to every endpoint and server,” said Bit9’s vice president of product management, Brian Hazzard.
“The best protection is to secure as many endpoints and servers as possible and put the rest in a ‘detect-detonate-deny’ posture that allows for real-time security policy enforcement as threats appear.”
The emergence of these systems is a belated response to the incredible vulnerability of the PC, which firewall vendors used to ignore as someone else’s problem. Increasingly, endpoint defence is about protecting these vulnerable devices from the network or cloud level.