Leading firewall and virtual private network (VPN) vendor Check Point Software Technologies unleashed a raft of new features on its users on Monday when it unveiled Feature Pack-1, the first feature update to its Next Generation firewall and VPN product that was released in August.
The upgrade aims to provide more simplicity in creating VPNs, while also accelerating performance.
Feature Pack-1 (FP-1) offers administrators the ability to create "one-click" VPNs, digital certificates and extranets, as well as offering performance increases, updates to the company's VPN client and features to aid tech support staff.
The one-click VPN feature allows administrators to more easily set up site-to-site VPNs by grouping collections of VPN gateways, called communities, and creating policies and rules for them, said Leslie Stern, product marketing manager at Check Point. When those communities are defined, sites within them are able to create connections to one another with security policies and rules being implemented automatically. Creating VPN connections this way offers the kind of simplicity that many Check Point users have been asking for, she said.
Also included in FP-1 is the ability to create digital certificates and extranets with one click, Stern said. FP-1 lets administrators generate digital certificates to authenticate users connecting from client-to-gateway and gateway-to-gateway without forcing companies to implement PKI (public key infrastructure) systems, Stern said.
Extranets are more easily built with FP-1 as rules and policies can be created to allow partners limited access to corporate resources through VPN gateways. In order to set up such an extranet, administrators at both companies must first share information such as IP (Internet protocol) addresses, public keys, device names and more, which Stern admits might require more than one click.
Looking to not only simplify VPN set-up, but also improve performance, FP-1 includes two speed boosts through Check Point's SecureXL framework. The first improvement allows VPN connection loads to be spread across multiple gateways when the connections are attempting to access the same resources, Stern said. By spreading the load across multiple gateways, connections should become more reliable and faster.
Also adding speed to connections is a new feature that supports VPN acceleration in NICs (network interface cards). Intel already has a card on the market that incorporates this feature and 3Com currently has one in testing, Stern added.
Feature Pack-1 also includes updates to the VPN-1 SecureClient to smooth Windows networking and technical support issues. SecureClient now offers users an OfficeMode which makes their computer appear to be on the local network, rather than connected over a VPN, Stern said. This comes in handy when trying to take advantage of Windows networking. Also included in the new client is VPN Monitoring Diagnostics, a management console on the client with information about the connection that can be used to help management and troubleshooting for the remote user, she said.
Feature Pack-1 should be available by the end of November and is a free upgrade to anyone already using Check Point NG and who has a support contract, Stern said.