IntelliStore could offer a way out. Each security partner sets a price for the intelligence they are feeding to Check Point (which Techworld understands will be competitive), which in turn offers this to its large customer base. If a customer decides it wants a subset of the third-party protection on offer, the partner gets revenue it would otherwise not get and Check Point gets a cut too.
What nobody, including Check Point, knows is what appetite there is for this kind of service let alone how Check Point's customers will get a sense of what they have bought by licensing extra threat intelligence from one or more of the parties. How do they see the benefit?
"You see it in the logs, you see all the events that were blocked," said Check Point founder and CEO, Gil Schwed during a series of briefings at the CPX show.
It might be more user-friendly if subscribers received some kind of report although you suspect that Check Point's typical large enterprise customer actually enjoys paying people to peer a log files for a living. Not everyone will necessarily be that log-centric.
Partners remain upbeat about the potential. A good example of this is iSIGHT Partners, a small US boutique specialising in selling threat feed data to Fortune 100 firms on a daily basis.
"It's a way to get to a market we can't reach direct. There is an ease-of-use component to this because it takes away the pain for the customer. It is turning our intelligence into actionable intelligence," said iSIGHT's SVP products and technology, Sean Catlett.
That's perhaps the biggest disruption of all; feeding intelligence through ThreatCloud potentially solves the bane of this industry which is that large organisations are overwhelmed with news of threats they can't easily or cheaply translate into protection. They are aware of threats but don't have the resources to do much about it.
For another IntelliStore partner, Swedish firm NetClean, the technology is simply a means to find more customers and spread its brand. The company is highly-regarded for its technology used to 'fingerprint' images of child abuse for use in police investigations, but admits that it is never going to be a mainstream system for most organisations. However, if those same organisations can apply digital fingerprints to the files passing in and out of Check Point's gateways without having to do anything, it believes it could be on to a winner.
"We like to see ourselves as having something that everyone should have. This should be as natural as antivirus," said CEO, Christian Berg. "By riding on the Check Point ecosystem it's going to be easier for the customer to get our technology."
Sign up for Computerworld eNewsletters.