Solved

Migrating Chechpoint Firewall policies to CyberGuard Firewall policies.

Posted on 2003-11-17
4
435 Views
Last Modified: 2013-11-16
Hi,

I will be migrating my chekpoint firewall to cyberguard firewall. Is anyone out there have experiece this kind of migration before? If so, what are the things to take note of.

Also, I have a few quries to ask.
Is there a was to import firewall polices into Cyberguard other than manually inserting in.

Below are a typical checkpoint policies
_____________________________________________
1 .  Source 1             Destination 1             Service 1        
                                Destination 2             Service 2
_____________________________________________
2 .  Source 3             Destination 3             Service 2        
      Source 3             Destination 4             Service 3
_____________________________________________

Is there a way I can configure it somewhere similiar to it other than grouping them together in Cyberguard.

Thanks alot.
Regards
LS
0
Comment
Question by:angls
4 Comments
 
LVL 3

Accepted Solution

by:
dschwartzer earned 250 total points
ID: 9776652
angls,
I suggest you do it manually. First I'll explain why, then I'll explain how.

Each object in the rulebase has a lot of properties, some of them are obvious, others not; and these not-so-obvious properties may be the ones holding the whole rulebase together. Cyberguard doesn't have the same set of supported features and properties as Check Point does; so any kind of automatic export-import will lose something. If you have a complex or simple configuration, same thing holds. I'd prefer to spend some time to do it properly once, rather then wasting days and months to figure why something is not working and/or behaving weird.

As for how - have a list of objects, and a separate list of rulebases. (BTW, you can select multiple rules in rulebase (in NG) and copy/paste them)
when you're done with the simple (obvious) properties, open a file ($FWDIR/conf/objects_5_0.C for NG, or $FWDIR/conf/objects.C for 4.1) on the management, and see if you've missed some more properties that you should take to the Cyberguard.
Another important thing, is global properties (search :properties) rather close to the end of the file. These properties define the FW behavior globally. You may also need to 'export' some of these...

Good luck,
d

0
 
LVL 1

Expert Comment

by:jancoulson
ID: 10184187
Can I ask why you are moving from Check Point to Cyberguard. Most people would want to do it the other way around :o)
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10976384
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:

--> Accept: dschwartzer


Any objections should be posted here in the next 4 days. After that time, the question will be closed.

tim_holman
EE Cleanup Volunteer
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question