Check Point
Security gateway R70
Touch Software Blade
       psaxf@psaxf.net
Pre-requisite
●   Obtain the R70 media pack for your platform.
    Users with a valid support contract can download
    it from the Check Point website
●   Hardware infrastructure.
    In this test CP R70 SPLAT runs in a XEN virtual
    environment on my Linux notebook (resources
    used: 1 core, 1.3GB RAM, 20GB HDD)
●   MS Win XP (or a similar supported OS) for the firewall
    admin, used to build, design and manage the
    security rule base
Net infrastructure
●   Prepare the network configuration: 1. a segment
    connected to the Internet, 2. an isolated segment.
    The cool app virt-manager can do it.
Install/setup SPLAT
●   Boot the CP R70 SPLAT CD and follow the instructions
●   Additional changes should be made via the CLI or
    the Web GUI
Install/setup MS Win XP
●   Manually set the IP address
●   Run IE -> https://splat_ip:443/
●   Install SmartDashboard (Web GUI -> Product
    configuration -> Download SmartConsole)
Software Blades – new feature




A software blade is a logical security building block that is independent, modular and
centrally managed. Software Blades can be quickly enabled and configured into a solution
based on specific business needs. (source: www.checkpoint.com)
Setup topology info
●   Important in a real environment: helps to discover
    connected networks and address spoofing.
Security rule base
●   Define basic rules: ⑦ implicit drop, ② stealth rule
●   Additional rules: ④ HTTP with resource, ③ DNS
    traffic, etc.
Network Address Translator
●   Define Hide NAT for the internal network
●   Open the object mgmt_net, select the NAT tab and
    enable automatic NAT
Install firewall policy
SmartView Tracker - log gui
Firewall log and troubleshooting
●   SmartView Tracker
    detail output
●   fw monitor, fw log - CLI commands for
    advanced users
NMAPing a freshly installed fw
●   Perfect seal
Eventia Analyzer
●   Security event correlation
●   nmap scan in fw log -> ∼300 records, Eventia
    analyzer log -> 1 record
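
The reduction described above (hundreds of per-packet drop records collapsed into one scan event) can be sketched as follows. This is an added example, not Eventia Analyzer's algorithm or Check Point code; the record layout, the 60-second gap and the 20-port threshold are assumptions, and the sample log is constructed.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class DropRecord:
    """One simplified firewall drop record (assumed layout, not the fw log format)."""
    ts: datetime
    src: str
    dst: str
    dport: int


@dataclass
class ScanEvent:
    """One correlated event that stands in for many drop records."""
    src: str
    dst: str
    first_seen: datetime
    last_seen: datetime
    distinct_ports: int
    records: int


def _emit(burst, events, min_ports):
    # Report a burst only if it touched enough different ports to look like a scan.
    ports = {r.dport for r in burst}
    if len(ports) >= min_ports:
        events.append(ScanEvent(burst[0].src, burst[0].dst, burst[0].ts,
                                burst[-1].ts, len(ports), len(burst)))


def correlate_port_scans(records, window=timedelta(seconds=60), min_ports=20):
    """Collapse bursts of drops from one source to one destination into events.

    A burst is a run of records in which consecutive records are at most
    `window` apart. Bursts touching fewer than `min_ports` ports are treated
    as background noise and produce no event.
    """
    by_pair = defaultdict(list)
    for r in records:
        by_pair[(r.src, r.dst)].append(r)

    events = []
    for recs in by_pair.values():
        recs.sort(key=lambda r: r.ts)
        burst = [recs[0]]
        for r in recs[1:]:
            if r.ts - burst[-1].ts <= window:
                burst.append(r)
            else:
                _emit(burst, events, min_ports)
                burst = [r]
        _emit(burst, events, min_ports)
    return sorted(events, key=lambda e: e.first_seen)


def build_sample_log():
    """Constructed sample: 300 drops from one scanner plus unrelated noise."""
    base = datetime(2009, 6, 1, 12, 0, 0)
    log = [DropRecord(base + timedelta(milliseconds=10 * i),
                      "192.0.2.10", "198.51.100.1", 1 + i)
           for i in range(300)]
    # Unrelated single-port drops from another host, minutes apart.
    log += [DropRecord(base + timedelta(minutes=5 * i),
                       "203.0.113.5", "198.51.100.1", 445)
            for i in range(3)]
    return log


if __name__ == "__main__":
    log = build_sample_log()
    events = correlate_port_scans(log)
    print(f"{len(log)} drop records -> {len(events)} correlated event(s)")
    for e in events:
        print(f"port scan {e.src} -> {e.dst}: {e.distinct_ports} ports, "
              f"{e.records} records, {e.first_seen} .. {e.last_seen}")
```
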
Embedded Anti-virus
●   Enable the AV engine: SmartDashboard ->
    Anti-virus & URL filtering tab
EICAR test
●   The www.eicar.com anti-virus / anti-malware test
    file should trigger the AV engine
●   Try to download the EICAR file in a browser
Eventia Reporter - detailed report
●   Accounting, rule base analysis, trends, graphs
    and more
