Check Point said it is developing a new way of designing security systems that allows the most demanding computing jobs, such as the encryption and compression of data, to be off-loaded onto compatible hardware and software. Hardware and software compatible with the Check Point architecture will be offered by industry partners.
As part of the effort, Check Point said it will make APIs (application programming interfaces) for some of its products available to partners that make servers, network processors and other equipment. Partners that have signed on to the effort so far are Compaq; chip makers Intel and Broadcom; as well as Nokia, Intrusion.com and RapidStream, each of which make a line of security appliance servers, Check Point said.
Nokia will be the first company to integrate the new security architecture, in its IP 530 security appliance, Check Point said.
The architecture will be represented in what Check Point officials are calling Next Generation, the next major revision to its security products.
To allow those more demanding security jobs to be performed separately, Next Generation is being designed as a series of modules that independently perform discrete functions such as firewall, encryption, compression and public key operations. Those tasks will be farmed out and run on specialised chips from third-party vendors or software running on standard servers, which will allow performance boost using technologies like parallel processing, Check Point said.
Check Point officials said the new performance architecture could help boost VPN (virtual private network) and firewall performance ten fold, enabling gigabit and multi-gigabit Internet security systems.