Auditing Check Point Firewalls

Auditing Checkpoint Firewalls CSI Annual Conference 1999 Session J7 Ben Rothke, CISSP Network Security Engineer eB Networks, Inc. Iselin, New Jersey [email_address]

About me... ,[object Object],[object Object],[object Object],[object Object]

Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

What is a Firewall? ,[object Object],[object Object],[object Object],[object Object]

What is a firewall audit? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

GAAP & GASSP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Steps to auditing a firewall ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Infrastructure & architecture ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Policy ,[object Object],[object Object]

Policy ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Firewall Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Firewall Security Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Configuration ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Physical Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Change Control ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Backup and Contingency ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Miscellaneous issues ,[object Object],[object Object],[object Object],[object Object]

Network objects ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Security issues with network objects ,[object Object],[object Object]

Services/protocols/users ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

The rulebase ,[object Object],[object Object]

First fit vs. Best Fit ,[object Object],[object Object],[object Object]

Rule 0 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Stealth rule/Cleanup rule ,[object Object],[object Object]

Misc. issues ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

INSPECT ,[object Object],[object Object],[object Object]

INSPECT ,[object Object],[object Object],[object Object],[object Object]

Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

More resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Tools ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Caveat: Your firewall can graduate magna cum laude from these tools & still be insecure

Books ,[object Object],[object Object],[object Object],[object Object]

Mailing lists ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Conclusion ,[object Object],Source: Lance Spritzer

Any questions? ,[object Object],[object Object]

Thank You!! Ben Rothke, CISSP, CCO Network Security Engineer eB Networks, Inc. [email_address] www.ebnetworks.com Iselin, New Jersey USA

Auditing Check Point Firewalls

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Auditing Check Point Firewalls

Similar to Auditing Check Point Firewalls (20)

More from Ben Rothke

More from Ben Rothke (20)

Recently uploaded

Recently uploaded (20)

Auditing Check Point Firewalls