Check Point NG[s]AI

P

packet filtering

editing files manually, 393

vs. proxy server, 31 “33

Packet Sanity verification, 554

packets

filters. See packet filtering

firewall drops and rejects, 257

fragmented , handling by FW-1, 45

Performance Monitor, FW-1 counters, 385 “386

rule base processing of, 380

setting minimum size , 557

SmartDefense checks, 551

passwords

administrator, 64

NT, using to for remote logon, 513

operating system, authentication method, 288

RADIUS, 290

strength, 313

patches, obtaining updated, 388

peer-to-peer blocking, 563 “564

performance

administrator s goals, 372

configuring NG AI for, 372 “376

firewall proxies vs. packet filtering, 33

improving by controlling QoS priorities, 14 “15

monitoring NG AI for performance, 382 “386

platform-specific tools, 385

SecureXL API technology and hardware acceleration, 380

Stateful Inspection traffic control, 36

Performance Monitor, FW-1 specific counters for, 385

Perimeter Network Security Policy, 219

defining rule base, 237

drafting, 221 “222

sample, 225 “228

permissions, security policy, configuring, 237

Persistent server mode, option described, 175

Pest Patrol, 491

.PF files, 251, 255, 393

ping

floods, preventing, 554

load balancing, 175

testing for VPNs, 455, 472

pivot, load sharing, 522

pkginfo command, 130

pkgrm command, 129 “132

PKI (Public Key Infrastructure), SIC and, 22

plaintext, 434

planning OS password authentication, 288

platforms, choosing OS for your company, 21

PMTU attacks, 557

point-to-point applications, protection for, 566

pointer (PTR) records, 59

policies

Desktop Security, 30, 482 “484

FloodGate-1, 14 “15

logging, 393 “400

security. See Security Policy

Policy Editor

See also SmartDashboard

FloodGate-1 policy loaded in, 14 “15

integration with Visual Policy Editor, 29

using, 26 “27

policy profiles, creating and pushing to remote firewalls, 15

Policy Server, using, 29 “30

policy servers

installing and configuring, 476 “479

installing on two firewalls, 513

logging into, 510

port 135, defining for application access, 187

port 443, SecurePlatform and, 514

port scanners , scanning, 257, 387, 559

ports

dynamic, SmartDefense configuration, 559 “560

VPN, and protocols (table), 469

power supplies , preventing interruptions, 516

preventative security controls, 223

Principle of least privilege, 195

print sharing, File and Print Sharing Worm Catcher, 564

privacy, encryption and, 434

processes, listing firewall, 406 “407

Product Repository, managing, 389

profiles, user

configuring remote, 499 “500

enabling roaming, 508

properties, user encryption, 459

protocols

See also specific protocol

custom, and security policy, 256

encryption (table), 504

Provider-1

creating policies with SmartLSM, 16

described, 6 “7

proxy firewalls, 31 “33

proxy servers vs. packet filter and OSI reference model, 31 “33

public key encryption, 435

Public Key Infrastructure (PKI), SIC and, 22

putkeys command, 547