Solved

Firewall-1 - novice - Help Please...

Posted on 2001-06-14
7
180 Views
Last Modified: 2013-11-16
I have the dubious pleasure of trying to configure Checkpoint Firewall-1 on an AIX 4.3.1 box for the very first time.

I've discovered today that I cannot use the GUI as I will
need to puchase an additional license to use the X/motif client - which I'm not too happy about. I must be able to
configure from the command line...(?)

The documentation received with the media is not very helpful.

Can any kind soul out there please point me at any worthwhile books/websites which may help me in my quest.

Thanks in advance...
0
Comment
Question by:penguin1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 11

Accepted Solution

by:
geoffryn earned 100 total points
ID: 6191557
Try www.phoneboy.com  It is a good resource for FW-1.
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6193237
-A.I.X I can see but checkpoint was a bad idea..
-You just bought the thing correct ? Why not call the support line & explain the situation ?
0
 
LVL 5

Expert Comment

by:Droby10
ID: 6200360
housenet, just curious what your aversion to checkpoint is...?
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 12

Expert Comment

by:Housenet
ID: 6200517
-Droby10 to be truthfull I do not even have any personal experience with checkpoint. I have never heard anything but very bad things about it from many reliable sources...
-Crappy support, difficult to setup remote clients ..etc..
0
 
LVL 5

Expert Comment

by:Droby10
ID: 6200980
hmmm...we've deployed enterprise fw-1 setups in numerous sites, and have few problems (never on aix, though...sun, nokia, and nt).

clients...? (vpn/management stations)
the vpn clients are a little fickle and occasionally we've seen the stack corrupt in nt installations...but it's rare, and we don't do that many nt installs.

the difficulty with support is that in almost all instances, verisign/checkpoint will attempt to get security/firewall technicians on site to fix the problems...and out of the technicians i know and have worked with they feel that their job is not to reconfigure a policies (that's the companies' role) but to do more of the enterprise architecture and initial installation work.  almost all of the problems they find are with incorrectly configured policies (usually because of an exasterbated rule-base).

-just my 2 cents.
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6202042
Droby, I value your opinion. Are you saying checkpoint is good ?
0
 
LVL 5

Expert Comment

by:Droby10
ID: 6202151
imo, from a security standpoint, there's nothing better...no software firewall has the level and depth of inspection that checkpoint provides, and at the speed in which checkpoint does it...

from a configuration and bell's and whistles standpoint, there's still nothing better...although sometimes those bells and whistles add to the complexity of the beast...the downfall for most has always been finding experienced fw admins and the pricey licensing...

in relation to guantlet, pix, and netscreen; guantlet is less intuitive to use, pix has proven itself to be less of firewall and more of a packet-filter, and it seems netscreen almost matches checkpoint in terms of security, but lacks the level of configuration/options that fw-1 offers.
0

Featured Post

Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question