awakenings
Basic Checkpoint Firewall Configurations
I have to certify new Checkpoint boxes being installed. I am more used to the Cisco / Juniper configurations. I am using DISA as my baseline. We have SPLAT (secure platform) and then the firewalls themselves. I have the SPLAT configurations (which look reasonable from a DISA standpoint), but I do not have the firewall configurations. All I have are the firewall rules from Checkpoint. For the configuration, I want to know (for example) the following:
1. Are DOS rules configured?
2. Is the firewall patched to the latest stable OS?
3. Does it have AAA installed?
4. Does SSH have incomplete connections shutting down after 15 minutes?
4. SNMP settings.
5. The accounts on the firewalls themselves.
6. When logging into the firewall, can alerts be set up?
etc. All thoughts and opinions are appreciated. I don't fully understand the Checkpoint architecture.
ASKER
deimark,
R71
SSH to the firewall, not through.
Smart defense... That is a good compensating control.
ASKER
Sorry... Things came up and I forgot to award points!
ASKER
#4 is for embryonic connections... For example, if one makes the connection, but doesn't do anything with the connection (for example, log on).