With the addition of Check Point’s internally developed SD-WAN offering, the company now offers a ‘more comprehensive’ SASE platform than other providers, the Check Point CEO tells CRN.
essential component of SASE. But taking the time to develop its own SD-WAN in-house will ultimately pay off, thanks to the tight integration that Check Point is able to offer with the network gateway, Shwed said.
While Check Point did consider making an acquisition to bring in SD-WAN technology, and “almost” did so, “in the end, we decided that it’s best to do it on our own, because it’s very [tied] into the gateways,” he said in a recent interview with CRN.
This degree of integration is a “huge advantage” for Check Point’s SD-WAN and for its SASE platform overall, Shwed said.
SASE — which aims to enable secure access to corporate resources for distributed workforces — also comprises a number of security tools, including zero trust network access (ZTNA) in place of VPN. Check Point unveiled its SD-WAN offering in February.
Overall, Check Point’s SASE platform is now “more comprehensive in terms of security capabilities. It’s more scalable and interoperable with many more systems,” Shwed said.
“Many SASE systems today are good, but they are independent of the rest of your security infrastructure,” he said. “For most of our customers, they need something that would work together — not two separate control systems, two separate communication systems. So I feel very good about what we have.”
Chris Konrad, area vice president for global cyber at World Wide Technology, No. 10 on CRN’s Solution Provider 500, said that Check Point is continuing to prove itself to be a major innovator in emerging areas of cybersecurity such as SASE and extended detection and response (XDR).
“When I look at innovation—when I look at products like new XDR solutions or new SASE solutions—they understand the network,” Konrad said. “They understand the space. They’ve been in it. They understand the challenges enterprises are facing today.”
‘Closing The Gap’
When it comes to SASE, “what we are trying to bring is the [full] Check Point value,” Shwed told CRN. “I think that’s one of our big advantages but also one of the challenges — that many of these [competing] SASE solutions are far more simplistic. They don’t have the level of security, the level of control.”
Check Point customers demand “the level of security that they are used to, but also to have the level of management. So we are closing that gap of being able to secure users and remote branches from the cloud,” he said. “We are connecting it now to the full architecture. So it’s the same solution that you can use when you’re deploying it on site, the same solution when you’re doing it on the branch offices, same when it’s cloud-driven. They are connected together.”
In terms of SD-WAN, “we worked on that for a long time. We looked at different companies, different technologies [for potential acquisition],” Shwed said. “But we really needed to make sure that the security and the [SD-WAN] work together very, very closely. We use the same engine to classify the traffic. We use all the same management to build that together. This is a really, really tight integration within the same gateway.”
SASE is undoubtedly one of the biggest opportunities for Check Point partners looking ahead, said Francisco Criado, who joined Check Point as its new global channel chief earlier this month.
“If you look at the market opportunity, it’s SASE, it’s zero trust, it’s protecting the user,” Criado said in a previous interview.
Going forward with the channel, “selling beyond the firewall is one of the priorities,” he said.
Channel partners are involved with 100 percent of Check Point deals, said Geoff Waters, president of Americas sales at Check Point.
“I’ve seen a lot of other vendors where they’ll say that they’re ‘channel-friendly,’ but then they’ll take all their global accounts and they’ll go direct [on those],” Waters told CRN. “We don’t do that.”
Check Point, according to Shwed, also stands out by enabling partners and customers to consolidate their security tools — given the fact that the vendor’s portfolio spans network, cloud, endpoint and email security, as well as security operations. And that should serve as a major driver for channel partners going forward, he said.
“We aim to provide one unified security [platform], one pane of glass, that you can use to control the entire security environment,” Shwed said.
All in the all, the level of implementation with the Check Point platform “will be much simpler and much easier than taking 20 vendors. That’s the consolidation element,” he said. “But you still need the partner that understands the customer environment, that knows how to service that — that knows how to create that relationship at every level.”