asked on

Basic Checkpoint Firewall Configurations

I have to certify new checkpoint boxes being installed. I am more used to the Cisco / Juniper configurations. I am using DISA as my baseline. We have SPLAT (secure platform) and then the firewalls themselves. I have the SPLAT configurations (which look reasonable from a DISA standpoint), but I do not have the firewall configurations. All I have are the firewall rules from checkpoint. For the configuration, I want to know (for example) the following;

1. Are DOS rules configured?
2. Is the firewall patched to the latest stable OS?
3. Does it have AAA installed?
4. Does SSH have incomplete connections shutting down after 15 minutes.
4. SNMP settings.
5. The accounts on the firewalls themselves.
6. When logging into the firewall, can alerts be set up?

etc. All thoughts and opinions are appreciated. I don't fully understand the Checkpoint architecture.

ASKER CERTIFIED SOLUTION

deimark

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

awakenings

ASKER

These are good answers! In regards to #6, can you provide more information about how alerts can be set up for the FW administrator?

#4 is for embryonic connections... For example, if one makes the connection, but doesn't do anything with the connection (for example, log on).

SOLUTION

deimark

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

awakenings

ASKER

deimark,

R71

SSH to the firewall, not through.

Smart defense... That is a good compensating control.

SOLUTION

deimark

membership