Forcepoint next-gen firewall becomes their first solution with Advanced Malware Detection

Forcepoint plans to integrate its new anti-malware service throughout its other products over the next several months.

Security vendor Forcepoint has announced the release of the new version of its Next Generation Firewall (NGFW) software. While it has several new capabilities, the most significant is the addition of support for Forcepoint’s new Advanced Malware Detection service. The NGFW offering becomes the first of Forcepoint’s security products to integrate this technology. It won’t be the last however, as the plan is to extend it to Forcepoint’s cloud access security broker [CASB], Web and email security services by the third quarter.

Forcepoint was created in 2015 when Raytheon Cyber Products, a Raytheon company, combined with Websense into a new company, Raytheon/Websense, which was 80 per cent owned by Raytheon. Its rather clunky name was retired in January 2016, with the rebadged Forcepoint also including two assets purchased from Intel Security: Stonesoft, which had been rebranded as McAfee Next Generation Firewall, and Sidewinder, which had become McAfee Firewall Enterprise. The Stonesoft and Sidewinder technology became the Forcepoint NGFW solution.

Jim Fulton, Director of Product Marketing for the Network Security Business at Forcepoint

“Forcepoint is different from its predecessor companies,” said Jim Fulton, Director of Product Marketing for the Network Security Business at Forcepoint. “The Forcepoint name was launched to represent bringing together several different disciplines – combining the cloud with the communications channel of web and email, and cloud apps, and combining this with a deep understanding of user behavior and data activity and deep networking technology and expertise. It all means being able to secure people and data at the point they come together, which we call the human point.”

Forcepoint is structured into four complementary business areas: cloud, for web and email; the insider threat business, focused on following the data and user behavior; the network security business, which provides visibility; and the government side of the business, which acts as a bridge into the commercial world and the government world

Raytheon owns the company, and of course is focused on defense, but Forcepoint is highly differentiated from it.

“Forcepoint takes what had been Raytheon’s cybersecurity company and commercializes it so it’s applicable to businesses of many different types,” Fulton said. “Forcepoint is very focused on the commercial market.”

Forcepoint’s channel is focused on the three practise areas outside the government space. They have about 2500 partners, a third of whom are in North America. Over 95 per cent of their North American business is fulfilled through the channel. The company’s focus is on enterprises of 10,000 employees and up, and they are trying to move even higher in the market, into the Fortune 1000 and Global 2000.

“Our products are for companies that need global scalability, whether they are using it or plan to grow into it,” Fulton stated. “They are designed for scalability, and use the cloud for ease of deployment.”

Forcepoint has been aggressively growing its NGFW business in North America, competing primarily against Palo Alto Networks and Fortinet, in a market seeing a lot of turnover both from pre-NGFWs and the first generation of NGFW product.

“We have taken these two technologies from Stonesoft and Sidewinder and converged them,” Fulton said. “This technology, before we acquired them, had not had the love they deserved. We look on this not so much as an acquisition, as we do Stonesoft finding its way home.”

The most significant enhancement with this 6.2 release of the NGFW software – in part because it is part of a broader company strategy – is the addition of Forcepoint’s Advanced Malware Detection service to the firewall’s own dedicated capability.

“The cloud service complements the malware service that is done within the firewalls themselves, and thus provides another layer of protection against attacks,” Fulton noted. “It is able to take files that come through the firewall and use techniques including sandboxing to address zero day and APT threats designed to skirt traditional detection.

“We are also the only vendor using the same technology here not just for firewall, but for all our security products – email, web app, even CASB products will all use this consistent way of looking for these advanced threats through all the different paths into an organization, Fulton noted. “When something is found in one channel, the fact can then be sent to all the other channels, which is a faster and more effective way to stop advanced threats. You have many eyes all working together.”

This release also improves the granularity in the control of encrypted traffic, with high-performance inspection of HTTPS connections, command-level control of SSH/SFTP applications, and dynamic enforcement of user privacy mandates.

“Organizations that previously weren’t able to inspect traffic for threats can do that easily with this fine-grained control,” Fulton said. “It makes it easier to deal with privacy mandates, and do so with a very high performance.”

An MSP focused enhancement is the ability of MSPs to offer mission-critical application protection to their clients with Forcepoint Sidewinder Security Proxies, which they can manage centrally. Other enhancements include automation of policy change management to eliminate manual processes, through policy change approvals built into the Forcepoint NGFW management console, and automated scalability in virtualized data centers.

“We have also made workflow enhancements that make it easier to give network admins insights to understand what users are doing, which is part of the mission of company to help understand user intentions to better stop attacks,” Fulton said.

Both the Forcepoint NGFW software release 6.2 and Forcepoint Advanced Malware Detection service are available now. The new malware protection will also be added to Forcepoint CASB, Web and email security services in the third quarter of 2017.