With hardware blades having found resonance in the marketplace, Check Point Software Technologies (NASDAQ: CHKP) is introducing a new concept it hopes will be equally embraced: software blades.
The networking security hardware, software and appliance vendor recently unveiled its new software blade architecture, which the company says will both provide network managers new benefits around infrastructure flexibility and scalability as well as provide Check Point partners with a powerful new way to pitch its security services.
Businesses will be able to select the security protections they need from a library of 20 software blades that can be added to select Check Point hardware gateways they already have in their network, such as the Check Point UTM-1 or Power-1 appliances. Darrell Burkey, director, IPS products with Check Point, said this will allow network managers to tailor the right security solution for different environments. A branch plant and a headquarters, for example, would have different needs.
“One size does not fit all for security,” said Burkey. “Customers are looking for flexibility.”
The Check Point approach, said Burkey, allows for multiple configurations for different offices all managed from a single management console with lower investment, lower total cost of ownership, and higher efficiency.
The flexibility comes from the ability to move functionality from one system or another, consolidate or split functionalities between systems, and set usage thresholds to ensure performance. Users can also scale from a single-core system to two, four or eight cores as they add functionalities.
Burkey admitted there is an element of marketing behind the software blades concept, but it does take a concept that can be somewhat daunting and make it easier to understand. He added though that there is a great deal of engineering work behind the new architectural approach as well.
“We needed to re-write everything to take advantage of the multicore architecture,” said Burkey. “We’ve been working hard on this and this is the result. We’re leveraging virtualization within the software itself.”
The new approach will also make for easier implementations. While before hardware, software and network teams would be involved to deploy a new piece of hardware, since the software blade is going into an existing and proven hardware appliance only one team is needed.
“We’re trying to commoditize our hardware platform so customers have the ability to swap in and out software blades as they see fit,” said Burkey.
Check Point is a 100 per cent channel company, and many of its partners sell competitive products as well. Burkey said the blade approach will give Check Point a great advantage with these partners, by breaking from the security vendor pack with a new approach.
“What this does is offer stark differentiation,” said Burkey. “We’re not just trying anymore to say our use of a generic Intel platform is better than others. Tipping Point and IPSS can’t offer this. Cisco comes closest, but it’s an additional hardware module.”
The blade approach also offers partners the chance to upsell into existing Check Point gateway customers. Paul Comessotti, Check Point’s country manager for Canada, said he sees a wide partner opportunity for this in the Canadian market.
“Partners are finding unique opportunities based on their market shares, including some that haven’t traditionally been in this space,” said Comessotti. While some smaller partners had to turn to large players to offer security management, he added these partners will now be able to deliver those services themselves.
Customers will purchase a license key to enable each blade as well as a subscription fee each year to get new signatures, and Comessotti said Partners will enjoy both revenue sources.
“Partners have always enjoyed the renewal revenue, and that will continue,” said Comessotti. “As long as they’re adding value their only competition on that is from other VARs.”
Michelle Warren, an analyst with MW Research and Consulting, said Check Point’s positioning with software blades is interesting and almost comparable to a pay as you consume model, which has been a very popular industry trend going into 2009.
“It’s a way to help explain what they’re selling, and if they can push that multicore strategy that’s a very valid point,” said Warren. “Not many budget owners understand the requirements of multicore technology, so if Check Point can position this as a blade per core, that’s interesting.”
She added Check Point’s 100 per cent channel approach also makes this another positive.
“It arms the channel with yet another tool for the tool kit, and the fact it’s À la carte pricing will work well for resellers looking to distinguish themselves and respond to customer needs,” said Warren.
CheckPoint has also released the R70. Based on its new software blade architecture, the R70 is a security management and gateway solution is designed to fully leverage the new architecture as well as provide enhanced performance and management capabilities.