Solved

Firewall-1 - novice - Help Please...

Posted on 2001-06-14
7
178 Views
Last Modified: 2013-11-16
I have the dubious pleasure of trying to configure Checkpoint Firewall-1 on an AIX 4.3.1 box for the very first time.

I've discovered today that I cannot use the GUI as I will
need to puchase an additional license to use the X/motif client - which I'm not too happy about. I must be able to
configure from the command line...(?)

The documentation received with the media is not very helpful.

Can any kind soul out there please point me at any worthwhile books/websites which may help me in my quest.

Thanks in advance...
0
Comment
Question by:penguin1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 11

Accepted Solution

by:
geoffryn earned 100 total points
ID: 6191557
Try www.phoneboy.com  It is a good resource for FW-1.
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6193237
-A.I.X I can see but checkpoint was a bad idea..
-You just bought the thing correct ? Why not call the support line & explain the situation ?
0
 
LVL 5

Expert Comment

by:Droby10
ID: 6200360
housenet, just curious what your aversion to checkpoint is...?
0
Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

 
LVL 12

Expert Comment

by:Housenet
ID: 6200517
-Droby10 to be truthfull I do not even have any personal experience with checkpoint. I have never heard anything but very bad things about it from many reliable sources...
-Crappy support, difficult to setup remote clients ..etc..
0
 
LVL 5

Expert Comment

by:Droby10
ID: 6200980
hmmm...we've deployed enterprise fw-1 setups in numerous sites, and have few problems (never on aix, though...sun, nokia, and nt).

clients...? (vpn/management stations)
the vpn clients are a little fickle and occasionally we've seen the stack corrupt in nt installations...but it's rare, and we don't do that many nt installs.

the difficulty with support is that in almost all instances, verisign/checkpoint will attempt to get security/firewall technicians on site to fix the problems...and out of the technicians i know and have worked with they feel that their job is not to reconfigure a policies (that's the companies' role) but to do more of the enterprise architecture and initial installation work.  almost all of the problems they find are with incorrectly configured policies (usually because of an exasterbated rule-base).

-just my 2 cents.
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6202042
Droby, I value your opinion. Are you saying checkpoint is good ?
0
 
LVL 5

Expert Comment

by:Droby10
ID: 6202151
imo, from a security standpoint, there's nothing better...no software firewall has the level and depth of inspection that checkpoint provides, and at the speed in which checkpoint does it...

from a configuration and bell's and whistles standpoint, there's still nothing better...although sometimes those bells and whistles add to the complexity of the beast...the downfall for most has always been finding experienced fw admins and the pricey licensing...

in relation to guantlet, pix, and netscreen; guantlet is less intuitive to use, pix has proven itself to be less of firewall and more of a packet-filter, and it seems netscreen almost matches checkpoint in terms of security, but lacks the level of configuration/options that fw-1 offers.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question