Some Gartner analysts are looking other than the network firewall for help in the future. One Gartner analyst, Joseph Feiman, even argues that a 2-year-old technology called "Runtime Application Self-Protection" (RASP) could take over most of the duties of the network firewall.
In a debate between Young and Feiman at the conference, Feiman argued ardently that that RASP — described as an instrumentation of runtime in servers or clients to protect applications against a variety of attacks — is basically a better approach than traditional firewalls because the perimeter is dissolving due to cloud services and mobile. "We're failing with our perimeter security," he said, "I'm asking us to change our view."
Feiman said vendors with RASP products include HP, Prevoty, Shape Security, Waratek, Bluebox and Lacoon Mobile Security. Young, however, scoffed at the notion RASP would be the next big thing to edge out perimeter firewalls, noting RASP products need to be added to each OS or handset it might want to protect.
And how does Check Point's Shwed feel about RASP? He acknowledges he's really not familiar with it, and it's not something that troubles him. What does concern him is how the modern firewall needs to evolve to gain information about ever-more stealthy threats to block them. He thinks information-sharing among security vendors of many kinds is the way forward, and that's what Check Point is pursuing.
Sign up for Computerworld eNewsletters.