Solved

Smart Dashboard ngx r60

Posted on 2007-03-20
4
3,093 Views
Last Modified: 2013-11-16
Looking for some suggestions  I have a Smart Dashboard ngx r60 (build 418)-Checkpoint Firewall. I am looking for some rules, ideas, suggestions possible looking to use checkpoint vpn application...I really would like to know configurations also...
0
Comment
Question by:whtupdoc001
  • 2
4 Comments
 
LVL 6

Accepted Solution

by:
Dooglave earned 500 total points
ID: 18760747
That's a really broad question!

There are really only three standard rules.
1. Stealth Rule
2. NetBios Rule
<--Accept Rules-->
3. Cleanup Rule

Stealth Rule is to make your GW invisible, it comes before any other rule except VPN Rules and Direct Access Rules like SSH and User Auth:
Source: Any | Dest: GW Object | Service: Any | Action: Drop | Log: No

Netbios Rule is an example of how to weed out unwanted logs:
Source: Any | Dest: Any | Service: NBT | Action: Drop | Log: No

<--This is where  you would put you allowed access rules, like LAN Subnet can access any over http, https, and dns-->

Cleanup Rule is the last rule and is used to drop anything not explicitly allowed, it's also used for troubleshooting.
Source: Any | Dest: Any | Service: Any | Action: Drop | Log: Yes

0
 

Author Comment

by:whtupdoc001
ID: 18761171
Yeh i know that question is very broad. Any good sites or links that discuss this type of stuff?
0
 
LVL 6

Expert Comment

by:Dooglave
ID: 18761221
A good site:
http://www.cpug.org/

There is a ton of information on Check Point's site, They have a bizillion features documented and 10 bizillion NOT documented.
http://www.checkpoint.com/support/technical/documents/docs_r60.html

Just create a free account and you can download these docs.

Focus on the NGX Getting Started first.
Then NGX FireWall and SmartDefense User Guide
Then NGX VPN Guide
0
 

Expert Comment

by:shridhar76
ID: 20349071
Hi ,

Basically ther are two rules , cleanup rule , when you are installing checkpoint the first rule is clean up rule means from any source to any destinatin packets are sent has been dropped and logged and anotherone is stealth rule means someone want to touch you firewall forcefully.

The first rule is Stealth Rule and Last rule is Cleanup rule now you can make custom rules in above of them.

Thanks
shridhar
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now