
Firewall tech pioneer Gil Shwed: Former teen sysadmin on today's infosec biz

Prince of State(ful) inspection 20 years on


Feature: Twenty years after the technology behind FireWall-1 was first developed, the teenage coding prodigy who founded Check Point says that "IT security is [still] very hot".

Shwed, 44, is the co-founder, chief exec and chairman of Check Point, whose FireWall-1 software, according to the firm, is installed at every Fortune 100 company. Check Point claims FireWall-1 has never been breached.

At the tender age of 10, Shwed began taking weekly computer classes in his home town of Jerusalem and soon began showing up to the computer room every day, so he could learn on his own. By the age of 12, he had secured a summer job coding for a language-translation software company.

Shwed never went to university. While still at school at age 14, Shwed says he started an almost full-time job as a system administrator at Hebrew University in Jerusalem. From the age of 16, the university put him in charge of its computer systems for around two years until he began his national service in the army at age 18.

During his army service in the Israel Defense Forces, Shwed reportedly joined the IDF's Intelligence Corps (Unit 8200) where he put together military computer networks enabling certain users to access confidential materials blocked to other less privileged and trusted users. Shwed kept the idea in mind when he completed his military service in 1990.

After the army, Shwed joined the Israeli startup company Optrotech as a software developer, where he met Marius Nacht.

Shwed, Nacht and another friend, Shlomo Kramer, who had served with Shwed in the IDF, saw the potential of technology to filter and control traffic to separate computers on business networks from the wider internet. The idea that would eventually evolve into FireWall-1 was first developed in April 1993. The three friends started Check Point Software in July 1993, just a few months later.

The trio realised that businesses that connected themselves to the internet would need safeguards, creating a market for the port control protocol and blocking capabilities that were the main feature of early firewalls. The stateful inspection* technology Shwed developed and patented is still in use in modern firewalls, albeit in a highly revamped form.

It's hard to imagine now, but at the time few people knew what the internet was - much less that it posed a network security risk that needed guarding. The World Wide Web was a brand new concept, and browser software had not yet been invented.

Shwed, Kramer and Nacht - all in their early twenties at the time - worked in a relative’s apartment, programming for 12-14 hours a day, before emerging with a product after a year's hard graft.

The team gave FireWall-1 its first public debut at the 1994 NetWorld Interop show in Las Vegas. The trio reportedly shared a booth with another company, and brought no promotional items, just their product, FireWall-1. Despite their apparent lack of marketing savvy, FireWall-1 ended up winning the best-in-show award, helping to propel Check Point into the limelight.

In 1994 Check Point signed an OEM agreement with Sun Microsystems. It followed this up with a deal with HP a year later. The firm went public a year after that, in 1996.

Check Point's range of software products includes firewalls, UTM appliances, endpoint security (partly through the Zone Alarms acquisition), virtualisation security, and various products that integrate network management and security.

Shwed has been at the helm throughout. The 44-year-old comes across as essentially a geek, albeit one with a shrewd business mind, who is proud of the company and the people it employs.

Shwed is a member of the board of trustees of Tel Aviv University and the chairman of the board of trustees of the Youth University of Tel Aviv University. He is also a member of the board of directors of Yeholot Association, which works to reduce dropout rates in high schools. Shwed is more than rich enough to retire or throw himself full time into charity work like Bill Gates but that would mean relinquishing his role at the company, which he obviously relishes. During the keynote for Check Point's European user conference, he spoke of the possibility of remaining at the helm for another 10 or even 20 years.

"I like it, so why should I do something else? The chances of founding another firm that's as interesting and successful aren't high," Shwed said, adding that everyone at the company was working to keep Check Point independent.

Shwed added that the attitude adopted by security vendors and experts has changed over the years from "don't do that it's dangerous" to an attitude more in tune with understanding business requirements, such as implementing secure links to branch offices and home workers using VPN (virtual private network) technology. Firewall technology has moved away from the perimeter and into the data centre, he said.

The Check Point boss reckons that IT security remains an exciting sector for budding entrepreneurs and technologists. "IT security is very hot," Shwed said during a press conference at the recent Check Point Experience user conference in Barcelona, Spain. "It gets a lot of attention in the media.

"That said, information security is much more competitive; it's hard to develop something completely new. There are so many segments and sub segments, so you [have to] educate security distributors and the channel.

"But when I first started out I had to persuade people there was a market for the internet, so at least there's not that problem." ®

Bootnote

*A stateful firewall is programmed to keep tabs on the state of network connections (such as TCP streams or UDP communications) which move across it - a feature that made the technology more sophisticated than a simple packet filter.

The technology is designed to distinguish legitimate packets, across different types of connections, from rogue or hacker-generated traffic. Only packets matching a known active connection are allowed to pass through the firewall; others are rejected or blocked.

This compares with stateless inspection, which is pure packet filtering. Stateless means there is no memory of previous packets, which makes the firewall vulnerable to spoofing attacks as it has no way of knowing if any given packet is part of an existing connection, is a new connection, or is just a rogue packet.
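The contrast drawn in this bootnote, as an added example that is not part of the original article and is not Check Point's code: a stateless rule and a minimal connection-tracking filter judge the same constructed packet trace. The addresses (documentation ranges), ports, rule set and simplified teardown handling are all assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model: direction is "out" (inside -> internet) or "in".
Packet = namedtuple("Packet", "direction src sport dst dport flags")

def stateless_allow(pkt):
    """Pure packet filter: judges each packet alone, with no memory.
    Rule: let everything out; let TCP in only if it looks like a reply (ACK set)."""
    if pkt.direction == "out":
        return True
    return "ACK" in pkt.flags

class StatefulFilter:
    """Tracks connections opened from the inside; inbound packets must match one."""
    def __init__(self):
        self.connections = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def allow(self, pkt):
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == {"SYN"}:
                self.connections.add(key)      # new outbound connection
            elif "RST" in pkt.flags or "FIN" in pkt.flags:
                self.connections.discard(key)  # simplified teardown
            return True
        # Inbound: reverse the tuple and look it up in the state table.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections

def F(*names):
    return frozenset(names)

# Constructed trace: one real connection, one unsolicited ACK, one late packet.
SAMPLE = [
    Packet("out", "10.0.0.5", 40000, "203.0.113.10", 80, F("SYN")),
    Packet("in", "203.0.113.10", 80, "10.0.0.5", 40000, F("SYN", "ACK")),
    Packet("in", "198.51.100.7", 80, "10.0.0.5", 40001, F("ACK")),   # no such connection
    Packet("out", "10.0.0.5", 40000, "203.0.113.10", 80, F("RST")),
    Packet("in", "203.0.113.10", 80, "10.0.0.5", 40000, F("ACK")),   # after teardown
]

def compare(packets):
    """Return (stateless_verdict, stateful_verdict) for each packet in order."""
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]

if __name__ == "__main__":
    for pkt, verdicts in zip(SAMPLE, compare(SAMPLE)):
        print(pkt.direction, pkt.src, sorted(pkt.flags), verdicts)
```

The third and fifth packets are the ones that differ: the stateless rule passes them because the ACK flag is set, while the stateful filter drops them because no active connection matches.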
