January 18, 2007

Check Point Software’s unusual appliance strategy

Check Point Software is the traditional leader in the firewall market, having seized large market share in its early days by innovating convenient, GUI-based policy management tools. Except in niches, its competitors today are mainly networking giants Cisco and Juniper. (Juniper acquired Netscreen in 2004.) Unlike most other security software vendors, Check Point continues to focus on being a packaged software vendor (but see below). Even so, almost all Check Point software is sold either on appliances or as a “virtual appliance.” I’ll explain.

Check Point started out selling software on Sun boxes and the like. Rather than get into appliances itself, it formed partnerships with hardware vendors who’d roll its software into appliances, and soon a lot of its business came from this channel, especially via Nokia. This strategy has continued, with Crossbeam Systems joining Nokia in providing large chunks of Check Point’s overall revenue.

While not liking to disclose much in the way of revenue breakdowns, Check Point admits that appliances dominate its business at the high end of the market, where high-speed networking, extra reliability, and so on are important (especially the reliability). Appliances also dominate at the low-end, where ease of deployment is crucial. (“Custom” hardware in this case is best represented by an accelerator card called “VPN-1,” made by Silicom, Ltd.) But in the big middle, packaged software is still highly competitive, accounting for (according to outside estimates that the company doesn’t laugh at) half or so of Check Point’s business.

But here’s the thing. Relatively little of that software is still, say, a firewall you can install on a Linux server. Rather, Check Point sells many more firewall/OS bundles, which are (it is claimed) super-easy to install on random Intel-based boxes. These are the “virtual appliances.”* Is this cheaper than a tailored appliance? Well, that depends a whole lot on whether you had an extra box lying around, or whether you have a master maintenance contract with a standard box vendors, and so on. Evidently, many customers think it is, while many other customers prefer physical appliances.

*Check Point also has VMware-based virtual appliances, but so far isn’t getting much uptake of those except for demo purposes.


3 Responses to “Check Point Software’s unusual appliance strategy”

  1. The Monash Report»Blog Archive » Crossbeam Systems — the future of appliances? on January 18th, 2007 2:28 am

    […] The company seems to be doing well. It was founded with a focus on telecom carriers, but gets 40% of its business from enterprises (post-bubble strategy shift). Privately held, it claims many hundreds of customers, with lots of repeat business. There seems to be an analyst study ranking them extremely highly for the high-end of the market. Check Point mentioned Crossbeam to me in the same breath as Nokia as one its two principal revenue sources among appliance partners, which is impressive because the Check Point/Nokia combination goes back to very early days. It also suggests that Crossbeam is selling a lot of stuff. […]

  2. The Monash Report»Blog Archive » Appliances — my conclusions! (For now, at least) on January 31st, 2007 7:03 pm

    […] Type 2 is where most appliance vendors ideally would want to be. Examples can already be found in data warehousing, antispam, and firewall. Also, a variety of platform vendors are interested in supporting virtual appliances, including VMware, Microsoft, maybe IBM, and Crossbeam. Crossbeam’s strategy may be the most interesting of all. • • • […]

  3. The Monash Report»Blog Archive » Check Point caves in on March 1st, 2007 5:09 pm

    […] Not long ago, I wrote of Check Point Software’s unusual appliance strategy. While a lot of their sales were on partners’ Type 1 appliances – custom boxes with standard parts — the only appliances they sold themselves were Type 2 – software-only. […]

Leave a Reply

Feed including blog about enterprise technology strategy and public policy Subscribe to the Monash Research feed via RSS or email:


Search our blogs and white papers

Monash Research blogs

User consulting

Building a short list? Refining your strategic plan? We can help.

Vendor advisory

We tell vendors what's happening -- and, more important, what they should do about it.

Monash Research highlights

Learn about white papers, webcasts, and blog highlights, by RSS or email.