TOPIC: Checkpoint NG
CJ


Checkpoint NG


Hi all, got some pretty basic questions ..


1. What security does the GUI client use when accessing the management console? (SSH?)


2. What is the easiest way to employ an anti-spoofing policy?


3. What rules should I put in to drop all broadcast/multicast traffic?


Thanks in advance.


CJ



__________________



1) Checkpoint uses CPMI for the GUI client to connect to the Management server.  Traffic is encrypted, but the protocol is Checkpoint proprietary.


2) There is no easy way to set up anti-spoofing rules.  Make sure all the networks behind the firewall are properly defined.  Otherwise, you will run into problems with anti-spoofing.


3) Use the 'stealth' and 'clean-up' rules to drop this traffic.



__________________
CJ



Thanks for your help. Much appreciated. I wasn't sure that CPMI was encrypted so thanks.


Having the networks defined is fine but is there an implicit rule saying 'nobody from this network' can connect to the external port & no 'external network users' can connect to the internal port? Or should I add this rule myself?


The third one is fine. I have the cleanup and stealth rules in the rulebase, I just wondered whether there was a rule I could enter which would catch all broadcast and multicast and log them separately (or not log them at all).


Thanks again.



CJ



__________________
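An added example, not part of the original thread and not Check Point's own implementation: a generic model of per-interface anti-spoofing, showing why a network missing from the topology definition gets dropped as spoofed, plus a destination classifier for separating broadcast and multicast traffic. The interface names, address ranges and function names are constructed for illustration.

```python
import ipaddress

# Constructed topology (hypothetical interface names and address ranges):
# the networks defined as living behind each non-external interface.
TOPOLOGY = {
    "eth1": ["10.1.0.0/16"],       # internal LAN
    "eth2": ["192.168.50.0/24"],   # DMZ
}
EXTERNAL = "eth0"  # faces everything that is not defined above


def spoof_check(iface, src, topology=TOPOLOGY, external=EXTERNAL):
    """Return 'accept' or 'drop-spoofed' for a packet arriving on iface."""
    addr = ipaddress.ip_address(src)
    behind = {i: [ipaddress.ip_network(n) for n in nets]
              for i, nets in topology.items()}
    if iface == external:
        # External side: reject sources that claim to be one of our own networks.
        inside = any(addr in n for nets in behind.values() for n in nets)
        return "drop-spoofed" if inside else "accept"
    # Internal side: the source must belong to a network defined behind iface.
    ok = any(addr in n for n in behind.get(iface, []))
    return "accept" if ok else "drop-spoofed"


def dest_class(dst, local_net):
    """Classify a destination so broadcast/multicast can be logged apart."""
    addr = ipaddress.ip_address(dst)
    net = ipaddress.ip_network(local_net)
    if addr.is_multicast:
        return "multicast"
    if addr == net.broadcast_address or str(addr) == "255.255.255.255":
        return "broadcast"
    return "unicast"


if __name__ == "__main__":
    # Constructed sample packets: (ingress interface, source, destination).
    for iface, src, dst in [
        ("eth0", "10.1.2.3", "192.168.50.10"),   # internal source seen outside
        ("eth1", "10.1.2.3", "10.1.255.255"),    # legitimate host, subnet broadcast
        ("eth1", "10.2.0.9", "224.0.0.5"),       # routed net missing from topology
    ]:
        print(iface, src, spoof_check(iface, src), dest_class(dst, "10.1.0.0/16"))
```

The third sample packet is the failure mode: a legitimate routed network that was never added to the interface's definition is treated as spoofed until the topology is corrected.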