When the Covid-19 pandemic was declared in March of 2020 and most every high-tech business became “all remote all the time” literally overnight, my first thought was: I’ve been training my whole life for this.

Because, really, I’ve been mostly working from home since 1998 when I moved from Silicon Valley to Washington State, yet continued to work for companies with offices in Silicon Valley. First, I worked for a now non-existent Check Point reseller, then to what became the Security Appliance business at Nokia, then for Check Point.

Needless to say, I’ve had a LOT of experience with Check Point Remote Access VPN over the years. Experience I put to good use when our customers started asking on CheckMates about the various remote access solutions.

Back in 1998, the applications I was accessing were fairly limited. We’re talking email, maybe a case management system of some sort as I was doing support back in the day, and that’s it. And I’m doing it from one device. Now I’m not only accessing stuff hosted on premise, I’m accessing stuff hosted in the cloud. And I’m doing it from multiple devices.

I’m reminded of Daniel Burrus’ book Flash Foresight, something I wrote about in 2016. Specifically, I’m reminded of his concept of Hard Trends, and three we’re all living with:

• Ever Increasing Connectivity
• Ever Increasing Processing Power
• Ever Increasing Storage

This is both a challenge and an opportunity: both for us as consumers and for the malicious actors out there who exploit this. Is it any wonder we are seeing an ever-increasing amount of Cyber Attacks out there?

All of this has been a boon in the current circumstances. I can tell you that doing conference calls without video back in the 90s and early 2000s was…no fun. And while video adds a human element to talking to people remotely, you miss out on the spontaneous discussions that happen when you’re visiting the office and bump into someone that you might not have planned to have.

And, of course, these conferencing platforms have their security issues also. In addition to the application specific vulnernabilities, there are issues of data soverignty in terms of where the streams are routed through. This is something of concern with any cloud service, of course.

The one thing I think has been made clear from the last 18 months or so is: remote work is going to be “the new normal” for a lot of people. We now have a whole generation of kids who’ve now done school remotely (for better or worse) and I suspect some percentage of them will demand remote work. Heck, even the current generations in the workforce are seeing the value of it.

All of that said, we can’t forget the human touch. Nothing’s going to replace getting together in person. While I can’t say there’s been a huge improvement in remote interaction in the last 20+ years beyond the addition of video (and what amounts to chat apps on a multitude of devices), I feel like as the hard trends I highlight above keep moving forward, we’ll get more “human” interactions over time.

Likewise, Cyber Security isn’t going anywhere. For those practioners, the job will continue to expand into new frontiers, creating new challenges…and opportunities to achieve better cyber security than was possible before. But only if you’re up to the challenge.

Disclaimer: My employer Check Point Software Technologies is up to the challenge of cyber security in an ever-changing and expanding environment. That said, these thoughts are mine.

Ages ago, I had written about this gem I had found in the End User License Agreement for Palo Alto Networks equipment. It’s still there in more or less the same form it was back in 2014:

2.c. Use Restrictions: You shall not: [...] vi. Disclose, publish or otherwise make publicly available any benchmark, performance or comparison tests that you (or a third part contraqcted by you) run on the Products, in whole or in part;

And while NSS Labs is, sadly, no longer around to run afoul of this–they ceased operations on 15 October 2020 due to Covid-19–Palo Alto Networks is still around and still using the legal system to suppress published comparisons of their products to competitors. Their current target: Orca Security, who dared to compare their products against Palo Alto Network’s equivalent offerings and post the result of their findings on the Internet.

As Orca Security Co-founder and CEO Avi Shua points out:

It’s outrageous that the world’s largest cybersecurity vendor (its products being used by over 65,000 organizations according to its website), believes that its users aren’t entitled to share any benchmark or performance comparison of its products. According to its boilerplate contract terms that prohibit “disclosing, publishing, or otherwise making publicly available any benchmark, performance, or comparison tests” of its products, you’re in violation even if you publish the results of an internal comparison of Palo Alto Networks against other products as part of your procurement process. The same goes for the hundreds of Palo Alto Networks reviews on various sites that include G2 Crowd, Capterra, and Gartner Peer Insights. It means that only benchmarks approved by Palo Alto Networks can be published.

Of course, this is from the same company that, on average, takes more than four months to fix reported security vulnerabilities against their product. Explains why pentesters don’t even know their firewalls are there.

Disclaimer: In the interest of transparency, which I believe is a good thing, I know several people at Orca Security as they used to be co-workers at my current employer, Check Point, who did not offer an opinion on this matter. These are just my own thoughts.

February 1999 was the last time I willingly changed employers. That’s…20 years, which, in this day and age, is an eternity to stick with the same employer.

That’s not entirely true. I did change employers in April of 2009 when Check Point Software Technologies completed the acquisition of the Nokia Security Appliance business that I worked in. Because of this, when you look at my official start date at Check Point, it reflects the day I started at Nokia, which was in February of 1999.

More than Two Decades, Actually

But really, my Check Point experience goes back farther than that. It even predates the Check Point Experience conferences currently going on right now, starting in 1996. I began working for a company that resold, among other things, Check Point FireWall-1.

Back then, Check Point didn’t have a support site and there wasn’t much information out there on the Check Point product. I ended up building and maintaining a public FAQ, which got a lot of attention.

That FAQ did lead to my job at Nokia in 1999, where I was hired under a telecommuting arrangement, which at that time was unusual. Most of my co-workers were in the San Francisco Bay Area. I had just recently moved to Washington State, and telecommuted with the occasional trip to the office.

Quite a lot has happened in the decade that followed. Nokia acquired many companies, changed strategies a few times, reorganized, but our business unit that produced appliances that ran primarily Check Point’s software remained. The appliances were quite popular, as was our Technical Support, where I worked in various roles. Our business unit had many names over the years, including: IP Routing Group, Nokia Internet Communications, and Nokia Enterprise Solutions. Our revenues were effectively rounding error when compared to Nokia’s Mobile Phone business at the time, was profitable.

The Winds of Change and a Recession

By the end of 2007, the winds of change were definitely blowing. The iPhone was announced at the beginning of 2007 and took the world by storm. This had a massive effect on the mobile phone market as a whole, and Nokia in particular. More specific to our business unit, I saw an organizational chart that showed our business unit isolated from the rest of Nokia. Which, in some ways, made sense since we operated pretty independently of the larger Nokia. However, it foretold what was to come.

Near the end of September of 2008, a Nokia executive had inadvertently made public they were in the advanced stages of selling the Nokia Security Appliance business to a private investment firm. This began a rather tumultuous 7 month period in my professional career.

While trying to do our jobs keeping customers happy and secure, we were developing plans to become a company independent of Nokia. This involved quite a lot of details that, working for an established company like Nokia, you just don’t think about.

All this planning activity suddenly stopped, or at least management stopped asking about it. Things got oddly quiet. Turns out, the recession that kicked in during October 2008 “cooled off” the potential buyers.

Coming Home to Check Point

Just before Christmas 2008, it was announced that Check Point was buying the Nokia Security Appliances business. After three months of uncertainty, we were starting all over again with a whole different set of concerns. Who would be acquired? Who would end up staying at Nokia? Who would end up having to look for work? And was any of this a good thing?

I’ll spare you the details of the three months that followed, but it involved interviews with people at Check Point, a CFIUS review (we were a US asset that was being purchased by a foreign-owned company), and a lot of unknowns. All, meanwhile, while we were continuing to serve our customers.

In April of 2009, the acquisition of Nokia’s Security Appliance business by Check Point closed. Some ended up staying with Nokia, some came over to Check Point, others were given severance packages. And a whole new adventure began as this was not only a change in employer for me, I changed jobs. Which, as it turns out, was a great thing.

At first, my job wasn’t all that different. I was a sort of backline support for the sales organization, interfacing between sales, R&D, and Product Management. It wasn’t too different from what I was doing at Nokia, actually, just with a different focus (pre-sales).

Eventually, my role evolved into a Security Architect, where I went on customer sites, reviewing their security architecture, providing recommendations for addressing the identified issues along with what Check Point products would best address their needs. This got be a bit closer to the actual sales process.

Back to the Future

Then, at the end of 2016, I was offered an interesting proposal that leads me where I’m at now at Check Point: as the front man for Check Point’s user community: CheckMates. The funny thing is, I’m doing a lot of what I was doing running the FireWall-1 FAQ back in the 1990s, except Check Point is now paying me to do it.

A lot has changed in the last 20 years. The old days were fun, but I’m having the time of my life right now! I’m not just doing some online thing from my basement, I’m getting out there, meeting customers, spreading the good word. Given the significant increase in the velocity and impact of cyber threats, the work that Check Point is doing to prevent them is more important than ever!

And while I’m not talented enough to develop solutions to cyber threats, I can certainly communicate, educate, build trust, and collaborate. I can occasionally develop solutions to some problems as the hundreds of posts on CheckMates and the hundreds of FAQs I published years ago will confirm.

It’s what I’ve always done in my career, and yet, I’m just getting started.

A year ago, I had written a post about competition in the information security space, of which I work as a part of for a vendor that has been in it for nearly a quarter century: Check Point Software Technologies. A few things have changed since I wrote the post and I decided, rather than merely repost my previous post, create a new version of it and update with some relevant information. I’ve removed the old post because it largely says the same thing.

Why I’m In This Industry

The devices, networks, and social institutions we use today are only useful because, on the whole, most people largely trust them. If this trust erodes, people will not make use of them.

It took me many years of working at Nokia to realize that regardless of what I do in life, I am always going to be looking for where the flaws are in the systems and do what I can to improve these systems so they will remain trusted.

As a company, Check Point firmly believes customers deserve the best security for their digital information. That, plus my long-time history with Check Point was why I ultimately decided to go work for Check Point when they acquired Nokia’s Security Appliance Business back in 2009. The talented, smart people I work with day-in and day-out working toward the same goal is why I’m still here, even though some have left for what they see as greener pastures, or at the very least, a different pasture.

What About The Competition

One of the things I’ve always tried to do online is to bring facts, understanding, and details to light. This is what I did with the FireWall-1 FAQ back and the day and what I’m trying to do as part of my effort with Check Point’s user community: CheckMates.

You may have noticed that I occasionally delve into the subject of Check Point’s competition in my online discourse. The main reason I do this is because some of them are saying stuff that flat out isn’t true, a gross misrepesentation, or they advocate a poor approach.

To be clear, I think healthy competition is a good thing. It raises all boats, regardless of who you ultimately use. Despite our differences in approach, there is a common enemy: the malicious actors who attempt to penetrate and disrupt our customers networks. We would do better as an industry to remember that and work better together toward defeating that common enemy.

Despite that common goal, everyone who works for a security vendor, particularly in a sales or marketing capacity, wants to succeed over the competition. As part of that, each vendor puts outs information that puts their offering in the best light. Certainly Check Point has done this with some past marketing campaigns such as:

• Facts vs. Hype
• 50 Shades of PAN

This is all part of normal, healthy competition that happens in any industry.

Palo Alto Networks is clearly a different competitor and seems to play by different rules, particularly with respect to Check Point.

It’s Personal for Palo Alto Networks

Nir Zuk, the co-founder of Palo Alto Networks, drives a car with the license plate CHKPKLR. This was widely known since at least 2005 and a picture of said license plate was featured prominently at their 2016 Sales Kick Off:

The guy up on stage? Their CEO Mark McLaughlin, propagating the “Check Point Killer” message to the assembled masses.

Over the years, I’ve heard countless stories of how Nir Zuk would come in to talk to a (potential) customer and spend a significant amount of time talking about Check Point, to the point where he was thrown out of at least one customer meeting! Given how some customers feel about Check Point, I’m sure that tactic did help to drive some sales.

In the following picture, you can see Palo Alto Networks Chief Marketing Officer Rene Bonvanie with a slide behind him of Check Point CEO Gil Shwed:

To take it one step further, it was recently discovered that Palo Alto Networks has a so-called “Check Point Kill Squad.” This was disclosed by way of a screenshot of what appeared to be an internal portal from Palo Alto Networks. There was no real information in this screenshot, just partial bullet points of a few competitive talking points against Check Point SandBlast and the fact they also have a Competitive team–nothing that wasn’t already widely known or easily to deduce.

Rather than simply ignore it, Palo Alto Networks saw fit to issue a DMCA takedown notice, causing Moti Sagey’s LinkedIn account to be temporarily suspended. Given their propensity to use EULAs as a way to prevent the truth from being disclosed about their products, using a DMCA takedown to needle someone at a competitor doesn’t seem too far fetched.

Conclusion

It’s clear the hatred of Check Point is institutionalized at Palo Alto Networks and that it comes straight from the top. Given they still haven’t fixed potential bypasses in their product two years after they were reported, it makes me question what business they are truly in.

Disclaimer: My blog, my personal opinions. I’m sure you knew that.

After a couple months of mostly being at home (nice change of pace), I’m now taking the Check Point CheckMates community on the road!

Aside from building the community site, where we’ve definitely seen an uptick in activity in recent weeks, part of my charter is to faciliate in-person Check Point meetups. We are starting these in a number of locations! Four in particular I’d like to draw your attention to are ones I will be at!

Sadly, I didn’t get the bright idea to do this before last week, where I was in Cincinnati. However, it’s not too late to see me in the following places over the next few weeks:

• St. Louis: Join us to find out about CheckMates and R80.10!
• London: Leveraging the R80.10 API to Automate and Streamline Security Operations
• Ireland: Live Upgrade of Check Point R77.30 to R80.10
• Seattle: Join us at Naked City Brewing!

Also, while I have your attention, I’d be remiss if I didn’t point out the Ask Me Anything we’re doing with Dr. Dorit Dor and her management team on the 18th of September. Get your questions in now!