Security Gateway CP R70


Play with Check Point firewall R 70

Published in: Technology
Security Gateway CP R70

  1. Check Point Security Gateway R70. Touch Software Blade. psaxf@psaxf.net
  2. Pre-requisite
     ● Obtain the R70 media pack for your platform. Users with a valid support contract can download it from the Check Point web site.
     ● Hardware infrastructure. In this test CP R70 SPLAT runs in a Xen virtual environment on my Linux notebook (resources used: 1 core, 1.3 GB RAM, 20 GB HDD).
     ● MS Win XP (or a similar supported OS) for the firewall admin, used to build, design and manage the security rule base.
  3. Net infrastructure
     ● Prepare the network config: 1. a segment connected to the Internet, 2. an isolated segment. The cool app virt-manager can do it.
  4. Install/setup SPLAT
     ● Boot the CP R70 SPLAT CD and follow the instructions.
     ● Additional changes should be done via the CLI or the Web GUI.
  5. Install/setup MS Win XP
     ● Set the IP address manually.
     ● Run IE -> https://splat_ip:443/
     ● Install SmartDashboard (Web GUI -> Product configuration -> Download SmartConsole).
  6. Software Blades – new feature
     "A software blade is a logical security building block that is independent, modular and centrally managed. Software Blades can be quickly enabled and configured into a solution based on specific business needs." (source: www.checkpoint.com)
  7. Setup topology info
     ● Important in a real environment; helps to discover connected networks and address spoofing.
  8. Security rule base
     ● Define basic rules: ⑦ implicit drop, ② stealth rule.
     ● Additional rules: ④ http with resource, ③ dns traffic, etc.
  9. Network Address Translator
     ● Define Hide NAT for the internal network: open the object mgmt_net, select the NAT tab and enable automatic NAT.
  10. Install firewall policy
  11. SmartView Tracker - log GUI
  12. Firewall log and troubleshoot
     ● SmartView Tracker detail output; fw monitor, fw log: CLI commands for advanced users.
  13. NMAPing the freshly installed fw: perfect seal
  14. Eventia Analyzer
     ● Security event correlation
     ● nmap scan in fw log -> ∼300 records, Eventia Analyzer log -> 1 record
  15. Embedded Anti virus
     ● Enable the AV engine: SmartDashboard -> Anti-Virus & URL Filtering tab.
  16. eicar test
     ● The www.eicar.com Anti-Virus or Anti-Malware test file should trigger the AV engine.
     ● Try to download eicar in a browser.
  17. Eventia Reporter - detail report
     ● Accounting, rule base analysis, trends, graphs and more
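
The reduction on slide 14 (∼300 firewall log records from one nmap scan, 1 Eventia Analyzer record) is event correlation. The Python below is an added example, not taken from the slides and not Check Point's algorithm or log format; the record layout, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict


def sample_records():
    """Constructed sample: 300 drops from one scanner plus ordinary traffic.
    Tuple layout (epoch_seconds, action, src, dst, dst_port) is an
    assumption, not the Check Point log format."""
    scan = [(1000 + i // 10, "drop", "192.0.2.50", "198.51.100.1", 1 + i)
            for i in range(300)]
    normal = [
        (1005, "accept", "10.0.0.5", "203.0.113.8", 80),
        (1010, "accept", "10.0.0.5", "203.0.113.9", 53),
        (1012, "drop", "192.0.2.77", "198.51.100.1", 23),
    ]
    return sorted(scan + normal)


def correlate_scans(records, window=60, min_ports=20):
    """Collapse drop records into one event per (src, dst) pair when the
    source hits at least `min_ports` distinct ports within `window` seconds."""
    by_pair = defaultdict(list)
    for ts, action, src, dst, port in records:
        if action == "drop":
            by_pair[(src, dst)].append((ts, port))

    events = []
    for (src, dst), hits in by_pair.items():
        hits.sort()
        start = 0
        in_window = defaultdict(int)   # port -> hits inside the window
        for ts, port in hits:
            in_window[port] += 1
            # Slide the window start forward past records that are too old.
            while ts - hits[start][0] > window:
                old = hits[start][1]
                in_window[old] -= 1
                if not in_window[old]:
                    del in_window[old]
                start += 1
            if len(in_window) >= min_ports:
                events.append({"type": "port_scan", "src": src, "dst": dst,
                               "records": len(hits),
                               "ports": len({p for _, p in hits}),
                               "first": hits[0][0], "last": hits[-1][0]})
                break
    return events


if __name__ == "__main__":
    for event in correlate_scans(sample_records()):
        print(event)
```

The single dropped telnet attempt from 192.0.2.77 stays an ordinary log record, because one port does not reach the distinct-port threshold.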
