Check Point NG[s]AI

3DES encryption, 456

8e6_Technologies, 332

A

accelerator cards, 60

access control lists (ACLs)

defining and pushing out, 19

option, security policy, 248

Account Management Client (AMC), 331

Account Manager, 8

accounts, user . See user accounts

ACE servers, authentication, 287

Active Directory and FW-1, 8

ActiveX, removing code from HTML data, 345

Add/Remove Programs, 98

adding

administrators, 86

administrators (Solaris installation), 117 “118

licenses, 206 “207

SmartUpdate package, 389

address range, configuring, 176

Address Resolution Protocol. See ARP

Address Translation Rule Base, limiting NAT rules in, 381

administering

FW-1 for effectiveness, 386 “401

NG AI for performance, 376 “382

security policies, 390 “391

security policies and logs generally , 372

administrators

configuring for firewall installation, 64

configuring for Solaris platform, 116 “117

firewall log management, 394 “400

main administrative goals, 372

passwords, 65

Windows installation, options, 84

AES (Rijindael Advanced Encryption Standard), 9

Aladdin eSafe Protect Gateway, 320

Aladdin Knowledge Systems, 322

alerts

commands, 414 “420

configuring, 419 “420

user-defined, 432

using LEA to generate, 342 “343

algorithms

Check Point encryption (table), 437

decryption, and key management, 436

Diffie-Hellman, 436, 451, 487

Aliroo, 322

AMC and LDAP server interactions, 311

AMON (Application MONitoring) protocols, 321

anti-spoof tracking, 235, 552

Application Intelligence, using, 560 “564

Application Intelligence (R54), 51 “52

application monitoring of OPSEC products, 339 “340

Application-Specific Integrated Circuits (ASICs), 24

applications

client side OPSEC, 341 “343

OPSEC, 320 “322, 367

sharing authentication between, 13 “14

Apply gateway rules to interface direction property, 44

architecture

distributed Client/Server, 19 “20

firewall, 223 “224

Secure Virtual Network (SVN), 3

ARP (Address Resolution Protocol)

automatic, 276

described, using, 264 “266

entries vs. routes, 281

static source, destination modes, 271 “272

arp command, 265

asymmetric encryption, 435

attacks

brute-force, 436

Denial of Service, 550

DoS, 45, 553 “554

MITM, 21

SNMP vulnerabilities, 65

SYN, 556 “558

authentication

client, described, using, 303 “309

defining users for, 292 “298

disabling, 547

external schemes, 316

FW-1 schemes, 286 “292

Global Properties, configuring, 202

LDAP, described, using, 309 “313

session, described, using, 306 “309

templates, using, 293 “297

timeout, configuring, 483

UA module and, 13 “14

and UAA, 343

user, described, using, 298 “303

authenticity, encryption and, 434

automatic ARP, 276

automatic NAT rules, 272 “276

automating reporting, 11

availability, high. See high availability (HA)