Cybersecurity Roundup: Check Point, Kaspersky, Coronavirus Malware, SiteLock

Check Point partners are interested in opportunities in SD-WAN security.

Edward Gately, Senior News Editor

February 1, 2020


That’s a wrap for Check Point Software Technologies’ CPX 360 2020 conference in New Orleans.

During the conference, Check Point unveiled Infinity Next, its latest Infinity cybersecurity architecture, and announced a new global partner program.

At last year’s CPX 360, Check Point’s Aviv Abramovich, its head of security services product management, talked to us about how partnerships are key to Check Point bringing security to SD-WAN. Check Point is working with SD-WAN vendors like Versa, Cisco, HPE and others, and is cooperating with AT&T, Verizon and other carriers around the world to bring secure SD-WAN to their customers.

This week, Abramovich gave an update on Check Point’s increasing partnerships to secure SD-WAN.

Channel Futures: So what’s the latest in terms of Check Point and SD-WAN security?

Aviv Abramovich: We’ve been busy. We’ve created SD-WAN as a focus area for some of our development groups, so they’re dedicated development groups now. We are consistent in our approach in that we promote partnerships. So we work with all the leading SD-WAN vendors and we’ve created combined offerings that you can integrate very neatly together and give our customers a secured SD-WAN solution. We launched that in late August of last year and we started to see some nice adoption and a lot of interest. Most of my meetings here at this event are all about SD-WAN and the various components that we deliver. One that was very interesting was with a partner, so our partners are observing the SD-WAN market and they’re trying to think what value they can bring.



The reason we are doing these partnerships is we realized that in the SD-WAN market, SD-WAN is driven by the network team, and the network team evaluates different SD-WAN products based on their networking capabilities. That has nothing to do with security whatsoever. It’s predominantly a network decision of what vendors they use, what are their networking capabilities, and that’s how it’s evaluated. We just want to enable our customers to not compromise on their security. If they had security for their branches provided by Check Point before, they can still have it, even if they move to SD-WAN. And now the architecture of the network looks different than what it used to be before, and they can just move that along and adapt to it and adopt it, rather than try and hold the organization back from deploying something like that.

CF: So it’s increasing opportunities for partners while also creating more security when it comes to SD-WAN?

AA: Correct. When we thought about our strategy, we thought, how can we create it so that everybody’s a winner? I think the fact that we’re doing these partnerships and we continue to expand, everybody’s a winner in this case.

CF: Can you give some examples of some of the latest partnerships that have taken place?

AA: We partner with VMware, Silver Peak, and we’ve partnered with Cisco; we just completed our certification with Cisco Cloud Fundamentals last week. We’re partnering with Versa, Aryaka, CloudGenix, Citrix and Microsoft. Each have their own strengths and differentiators that makes them unique. As a focus, we want to allow our customers to have the widest solution because some vendors will make more sense to some customers rather than others based on their capabilities and the way they work, and the technology that they deliver. We just don’t want them to compromise on security. We want to make sure that they can build security the way they want to, whatever networking platform they decide to choose.

CF: What are Check Point’s SD-WAN security products?

AA: We launched a new solution, Check Point Secure SD-WAN, which included two products. One was CloudGuard Connect, which is a cloud-based security platform, so for all those customers that prefer to use a firewall as a service and routing traffic through the firewall as a service, they can do that from any SD-WAN device or any standard router. The other product is CloudGuard Edge, which is a different way to integrate security into SD-WAN, and it’s a virtual network function that you integrate into the SD-WAN platform directly. It does not rely on any cloud services. Each one has its own strengths and disadvantages, and we see an equal adoption of both.

CF: What are you hearing from partners here?

AA: They are looking into what’s the opportunity. Obviously they see the market adoption. They’re talking about a lot of customers needing to deploy it. Partners obviously are taking a consultative role; they are the person that some customers reach out to and say tell me what I need to do, how should I set it up, what are my options, what works and what doesn’t work. And obviously if they see the trend growing, they’re looking to develop their own practice to include SD-WAN to allow customers to leverage and bring value. This is still a young market. I think the vast majority of adoption is still ahead of us and really it’s an opportunity for partners to play a significant role, not just from a consulting perspective, but integration [and] managing it. I think our customers are very open to having these conversations with our partners.

CF: Is this going to be an even bigger year for Check Point and SD-WAN, and are we likely to see some new solutions or latest versions of solutions coming?

AA: Yes. We are continuing to expand our platforms, to expand the use cases and to expand our partnerships. Let me give you one example. We are now co-developing with Microsoft a combined security solution platform to be part of Microsoft Azure. We have a lot of customers that are saying, “I’m using Office 365, that’s by far the No. 1 cloud SaaS platform that the customers often move to,” and that sometimes triggers the whole process of going to SD-WAN, and what they’re really looking for is a solution to coexist with that.

We’re also working on software-defined perimeter (SDP). You can think of it as a trend opposite to SD-WAN. SD-WAN is how the branch offices and roaming users go out to the internet securely and SDP is actually the other way around — how do I let users from the internet access applications securely?

Eric Parizo, senior analyst with Ovum, was among the analysts in attendance at CPX 360. He’s generally positive on Check Point’s strategy, “namely shifting its product development efforts to offer solutions for and from the cloud, acquiring technology more frequently in order to supplement its own innovations, and doubling down in areas that offer promise and complement its existing capabilities, like IoT security.”

Its upcoming CloudGuard Web Application and API Protection (WaaP) offering is “especially intriguing” as an alternative to traditional web application firewalls, he said.



“However, Check Point’s ecosystem has too much inherent complexity, to the point where the company seems to embrace its complexity as a point of pride,” he said. “In a time when enterprises demand simplicity and ease of use from their cybersecurity solutions, Check Point has yet to fully come to terms with that reality. Issues like separate operating system (OS) codebases for its newer Maestro next-generation firewall (NGFW) line, and confusion as to which products do and don’t support its Infinity cloud-based management system only further the perception that it’s easier to work with other vendors’ technology.”

Kaspersky Partners with EclecticIQ for Threat Intelligence

Kaspersky has entered a new partnership with EclecticIQ Platform, which now gives business users access to the company’s threat intelligence, including Kaspersky Threat Data Feeds, APT Intelligence Reports and Threat Lookup service.

Kaspersky’s threat intelligence platform works alongside EclecticIQ to collect threat intelligence from open sources and commercial suppliers, allowing security operations centers (SOCs) to be armed with more context around the latest cyber threats and be better informed about how to respond.

A survey of IT security leaders commissioned by Kaspersky revealed that the role of cyber threat intelligence (CTI) analyst is among the most challenging positions to hire for. Understaffing in this area may result in existing experts being encumbered with work. To prevent this, Kaspersky’s collaboration with EclecticIQ helps CTI analysts receive relevant information from a single entry point instead of searching for and matching different sources.

Veniamin Levtsov, vice president of corporate business at Kaspersky, tells us the integration allows partners to readily leverage threat intelligence from Kaspersky with EclecticIQ threat intelligence platform and services to better protect customers from cyber threats.



“The partnership we entered into allows EclecticIQ to serve as a one-stop shop for its own offerings and for Kaspersky offerings, streamlining projects for resellers and implementation partners,” he said. “Currently, a majority of customers are looking for the complex platform-based solution to enrich cyber systems with external threat intelligence; thus, an additional source of threat intelligence is usually considered from a perspective of integration to the existing threat intelligence platform. If such a platform supports approved integration with the source, this dramatically simplifies the channel partner’s task and gives them a tangible competitive advantage against other threat intelligence vendors’ channel.”

GlobalData: Criminals are Using Coronavirus Fears to Launch Malware

The coronavirus, which has prompted global panic, now has been confirmed in the United States and the World Health Organization has declared a global emergency.

While concerns about the spread grow, cybercriminals already are taking advantage of the situation, according to GlobalData.

“Perhaps a more sinister threat than coronavirus itself is a malware that is already being spread in other parts of the world by heartless criminals using fear surrounding the disease,” said Lucy Ingham, GlobalData technical editor. “In Japan, where the first case was confirmed on Jan. 15, emails have begun circulating that appear to be warnings about the coronavirus outbreak from an official government body.”

The emails have a Word document as an attachment, with an urgent-sounding name that encourages the recipient to open it, she said. However, when they do, they see a message that looks like it is from Office 365 encouraging the user to change their settings so the document is not in protected view.

“Doing this does not provide any new information about coronavirus or anything else, but it does launch an extremely malicious malware known as Emotet, which is designed to steal financial data, banking logins and other valuable personal information,” Ingham said.



Monique Becenti, channel and product specialist at SiteLock, tells us that when significant events such as this occur, it’s common for cybercriminals to capitalize on people’s fear. In order to protect themselves, users should always be aware of the increased risk of phishing emails that can coincide when an event like the coronavirus is a headline in the news, and how to spot them, she said.

“For example, users should be hypervigilant when receiving any email from an unknown source, especially if it contains a suspicious link or attachment,” she said. “As a best practice, before opening an email or attachment, users should identify the source of the email. They should then verify its legitimacy by going directly to the sender’s website by typing in the URL on a separate browser window or calling the phone number listed on the website.”

Cybersecurity providers can work with their channel partners to help ensure they, as well as their customers, are properly educated about the security risks of phishing emails and how to spot them when events such as the coronavirus are making headlines, Becenti said. In addition, cybersecurity providers should also offer partners a proactive solution to help prevent malicious redirects and other threats from penetrating their website, she said.



About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
