Like many other security vendors, Check Point Software has been building up its cloud-based reporting and notification system. It’s a natural fit, after all. These vendors have a lot of resources dedicated to finding and dealing with the latest security threats, and automatically routing customer data into those resources, and the solutions those resources create out to customers, just makes sense.
For Check Point, the offering is called ThreatCloud, and it’s taking an even more important role in the company’s offerings of late. And Paul Comessotti, country manager for Check Point Canada, would like to see it taking on a more important role for the company’s partners as well.
Recent enhancement have opened up ThreatCloud in a transition from a simple reporting-and-remediation network to a range of possible solutions that approach the territory of vendor-supported managed security services.
But Comessotti said that’s not necessarily being recognized by the company’s channel partners.
“It’s astonishing the number of partners, from a sales rep perspective, that don’t understand the ThreatCloud offering and how it can help them be a trusted advisor to their customers,” Comessotti said. “Partners haven’t locked onto this because some of them are so focused on the transaction, in a lot of cases.”
But partners who have caught on “are getting serious stakes into the ground with their customers,” Comessotti said. Those “stakes” come from offering customers a proactive approach to security, and one that doesn’t involve per-incident fees that need to be discussed and developed when the network is already either down or compromised.
The expansions take ThreatCloud into the territory of security monitoring and dealing with security incidents on a subscription basis. This is, of course, traditional MSP territory. But Comessotti doesn’t see it as a potential source of channel conflict. The company has long offered managed services through the channel – managed intrusion prevention for SMB customers, for example – and monitoring service. But now, with ThreatCloud, it’s moving into management and incident response. And that, Comessotti suggests, is not necessarily something the company’s channel partners have the appetite or the ability to take on themselves.
“More and more partners are saying it’s too expensive for me to run a monitor-only type of environment,” he said. In many ways, it’s a Big Data problem for solution providers – there’s a lot of data to crunch on a solution that has to be low-cost. “We’ve seen more and more solution providers getting out of that business, and the boutique security shops and the networking shops are starting to drive more towards professional services engagement.”
Comessotti said handing over that management engagement to Check Point’s ThreatCloud can be a good way to deal with it – take advantage of the vendor’s scale, and still offer a productive and profitable service that is a recurring revenue model. “When [partners] sell something, we never take that direct in year two, three, four, five or beyond,” he said. “That becomes their recurring revenue streams.”
The transition from passive monitoring to active management is a big one for ThreatCloud, Comessotti said, and one he believes could form the core of new successful and profitable solution for many of the company’s solution providers, if they’d just give it a chance.
“Our number-one challenge is that they don’t understand what ThreatCloud does,” he said.