Security gateway R70
Touch Software Blade
● Obtain R70 media pack for your platform.
Users with valid support contract can download
it from Check Point web
● Hardware infrastructure.
In this test CP R70 SPLAT run in XEN virtual
environment on my Linux notebook (used
sources: 1 core, 1.3GB RAM, 20GB HDD)
● MS Win XP (or similar supported) for firewall
admin as a security rulebase
● Prepare network, config: 1.segment connected
to Internet, 2. isolated segment, cool app.
virt-manager can do it.
● Boot CP R70 SPLAT CD a follow instruction
● Additional changes should be done by CLI or
Install/setup MS Win XP
● Manual set IP adress
● Run IE -> https://splat_ip:443/
● Install SmartDashboard (Webgui -> Product
configuration -> Download SmartConsole)
Software Blades – new feature
A software blade is a logical security building block that is independent, modular and
centrally managed. Software Blades can be quickly enabled and configured into a solution
based on specific business needs. source www.checkpoint.com
Setup topology info
● Important in real environment, helps to discover
connected networks and address spoofing.
Security rule base
● Define basic rules: ⑦implicit drop, ②stealth rule
● Additional rules: ④http with resource, ③dns
traffic and etc...
Network Address Translator
● Define Hide NAT for internal network
Open object mgmt_net,
select chart nat and
enable automatic NAT