Check Point NG[s]AI

Managing Objects

• Do not be stingy: Create as many objects as necessary to support your rule base. You only need to do it once, but you can use them dozens of times.

• Save time and complexity by using groups of objects and users.

Adding Rules

• Remember that the order in which your rules are displayed is the order they are enforced.

• Save time by using cut/paste when creating similar rules. It is easier to edit one field than to create a new rule.

• Remember that your security policy is enforced on more than just your firewall modules. Routers and other OPSEC devices may also be impacted.

Global Properties

• Be aware of the default settings within the Global Properties and how these may impact the operation of your firewall.

• Make sure that you tailor the implied rules to suit your site s needs. Do not live with the default entries; they probably will not be just what you need.

Secure Update

• Use SmartUpdate to track license and version information enterprise-wide from a single point.

• Take advantage of the Check Point VPN-1/FW-1 central licenses to ease the crunch of enterprise management.

SmartView Tracker

• Do not live with the default view. Take advantage of the customizations offered to create views that suit your needs.

• Remember that the SmartView Tracker is also home to the Block Connection feature; keep it close at hand.

• Do not be afraid to try experiments with new and advanced features!

SmartView Status

• Make use of the features in this tool.

• System Status is as important to your enterprise as any other factor. This tool enables you to keep an eye on the health of your infrastructure, which is never a bad thing.