Check Point NG[s]AI

2017-07-07 02:10:07

S

Safe@ Connector installation, 60

SAM API, using, 342 “343

saving security policies, 241, 390

scalability

firewall proxies vs. packet filtering, 33

Stateful Inspection and, 36 “37

scheduled events, configuring, 194

scripts

INSPECT, 251

IntialPolicy, unloading, 125 “126

user -defined responses, 420, 431

writing, 420 “424, 431

SCV, setting global properties, 489

SDL (Secure Domain Login), 468

searching

for licenses, 84

using SmartView Tracker, 211

Secondary Management Station, 163

secure communications, ensuring between GUI client and management server, 44

Secure Domain Login (SDL), 468, 508

Secure Internal Communication (SIC)

certificates and, 121

Check Point s use of, 6 “7

configuring, 233

Secure Shell (SSH), 54, 203

Secure Sockets Layer (SSL), 203, 514

Secure Virtual Network (SVN) architecture, 3

SecureClient

blocking viruses with, 38

configuring logging, 481

described, 9 “10

installing software, 495 “498

logging into policy server, 510

Packaging tool installation, 63, 78

Policy Server installation, 60

software described, 476

SecureClient Packaging Tool, 63, 78, 464, 499 “509

SecureDHCP service, 17

SecuRemote

configuring, 203

configuring VPN, 457 “462

described, 8 “10

installing client software, 462 “464

using client software, 464 “469

SecuRemote DNS, configuring, 192

SecurePlatform

elements of high-performance configuration, 158

installing VPN-1/FW-1 NG AI on, 146 “151

SecureXL

described, using, 24

extreme performance, 380

Solaris installation screen, 115

SecurID

authentication method described, using, 287

described, 485

when to use, 316

securing host during firewall installation, 52 “58

security

boot, 229

training, 220

security associations (SAs), 437

Security Configuration Verification (SCV) checks, 9

Security Dashboard

described, using, 5 “6

managing NG AI suite with, 4

Security Policy

administration, 390 “391

application of rules to incoming data, 45

backing up, 250

boot process, 393 “394

community involvement in formulation of, 222, 256

default and initial, 228 “229

defining requirements, 221

designing, 223

DNS rule, 241

editing files manually, 252

HTTP and HTTPS rule, 240

implementing, 228 “242

installation methods , 250 “251

installing, 249 “251

policy files, 251 “252

policy options, 247

reasons for, 218 “219

rule using CVP resource, 329

rule using UFP server in URI resource, 338 “339

translating into rules, 230 “242

using CVP, 324 “329

writing, 224 “228

Security Policy tool, installing, 66

Security Server, Global Properties, 202

security servers, 380

Security Sockets Layer (SSL), 8

server objects, 189

server pooling, 174

servers

CVP vs. UFP, 332

fingerprints of, 44

load balancing chained, 331

policy. See policy servers

˜ rooting , 10

services objects, 179

session authentication, 306 “309

session keys in encryption, 436

sessions

logging, 11 “12

OPSEC, 320

SHA-1 encryption, 456

shared secret (encryption), 435

showing. See displaying

SIC module, using, 21 “22

Sign-On Method, client authentication, 305

silent installation, 506

Simple Mail Transfer Protocol. See SMTP

Simple Objects Access Protocol (SOAP), OPSEC option, 351

Simplified Mode, SecureClient VPN connection rules, 495

Single Entry Point (SEP) VPN configurations, 440, 520, 528 “533

site-to-site VPN, 439

SmartCenter installation, 60

SmartCenter Pro, 16

SmartConsole, installation, 61, 77

SmartDashboard

adding rules with, 195 “200

Address Translation tab, 262

customizing, 205

described, using, 25 “26

installation, 78

managing objects with, 160 “161

SmartDefense tab, 551

SmartDefense

Application Intelligence described, using, 560 “564

concurrent connection setting, 556

Cross Site Scripting tab, 562 “563

described, using, 23 “24

fingerprint scrambling options, 558

and IDS, 424

introduction to, 550 “551

updating, 565 “566

using, 551 “552

SmartDirectory (LDAP), 8

SmartLSM

described, using, 15 “16

installation, 63, 78

SmartMap

described, using, 28 “29

topology of objects, 162

using with Policy Editor, 26 “27

SmartUpdate

configuring option, 66

configuring tool, 205 “209

described, 6

described, using, 22 “23, 388 “389

installation, 63

Product of Repository, 23

SmartView Monitor

installation, 60

monitoring functions, 385

SmartView Reporter

creating reports to, 482

described, 10 “12

real-time status monitoring, 40

using, 42

SmartView Status

configuring tool, 211 “212

installation, 78

SmartView Tracker, 10

configuring tool, 209 “210

installation, 63, 78

interfacing with SAM, 427

monitoring firewall traffic with, 414

SMTP (Simple Mail Transfer Protocol)

and CVP resources, 324

described, 15, 527

resource, using, 188

resources, e-mail filtering, 351 “357

viruses that exploit, 38

sniffers, 257

SNMP

daemon (UNIX), 64

security policy settings, 235

vulnerabilities, 65

SOAP (Simple Objects Access Protocol), 351

Sofaware, 16, 60

Solaris

32-bit vs. 64-bit, 50

8 UltraSPARC, SmartConsole non-supported clients , 49

configuring VPN-1/FW-1 NG AI on, 114 “129

guidelines for securing OS, 53

installing VPN-1/FW-1 NG AI on Solaris, 104 “129

startup routing statements, 57

uninstalling VPN-1/FW-1 NG AI from, 129 “138

Solutions Fast Track

advanced VPN configurations, 546 “547

applying NAT, 279 “280

authenticating users, 315 “316

installing, configuring VPN-1/FW-1 NG, 153 “156

managing policies and logs, 408 “409

NG with AI, introduction, 41 “44

OPSEC and content filtering, 363 “366

securing remote clients, 511 “512

security policy, creating, 253 “255

SmartDefense, 567 “568

tracking and alerts, 430 “431

using the GUI, 213 “214

VPN configurations, 470 “471

SonicWall, 437

Spitzner, Lance, 424

spoofing

address, 559

anti-spoof configuration status, 552

IP addresses, 343

SSL (Security Sockets Layer), 8

SSO solutions and UA module, 13 “14

standards, security policy, 224

star configuration, VPN, 448 “449

starting

installation wizard, 152

SecuRemote GUI, 464

SmartDashboard, 160

state synchronization, 95, 525 “528, 547

Stateful ICMP, 183

Stateful Inspection

configuring, 204

technology, 9, 30 “31

static address translation, configuring, 266 “272

static destination rule, 269 “270

status alerting, configuring, 211 “212

Stealth Rule, 239

subnet calculators , Web sites, 168

subnets, configuring firewall interface with, 56

Sun Solaris OS, 20

SunTone Certified kernel, 111

SurfControl, 331

Suspicious Activities Monitoring (SAM), 321, 342, 415

Suspicious Activities Monitoring Protocol (SAMP), 424 “429

SVN Foundation

and improving performance, 382 “383

installing for Solaris installation, 106

installing on Nokia, 142 “144

removing, 101

uninstalling from Solaris installation, 134 “137

Symantec, 332

symmetric encryption, 435

SYN attacks, 556 “558

sync.conf file, 547

synchronizing

connections in cluster, 181

firewalls, 525 “528

state synchronization, 547

SYNDefender, 236

system requirements for VPN-1/FW-1 installation, 49

S

Категории