checkpoint tranning

8/9/2019 Checkpoint Tranning

1/39

©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and


2/39

2

2©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and

Agenda

3

1

2

3 Check Point Product

Check Point Software Blades

4Backup & Restore of the

Configuration

Check Point Architecture


3/39

3


Agenda

3

1

2




Configuration



4/39

4



1. Smart Console

2. Smart Center Server

3. Security Gateway


5/39

5


Stand-Alone Installation


6/39

6


Distributed Installation


7/3977©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and

Smart Console

Smart Console is comprised of server clients , used tomanage NGX Components

Smart Console Components:-

• Smart Dashboard• Smart View Tracker• Smart View Monitor• Smart Event• Smart Update



Smart Dashboard



Log Collection and Tracking Process


10/39



Smart View Monitor



Smart Event

Timelines – See real time information, trends, and anomalies at a glance.

Charts – View event statistics in bar charts or pie graphs.

Maps – Locate source or destination IP on a world map.

Forensics – Drill down by double clicking on Timelines, Charts or Maps.

Group By – Group events based on severity, source, destination or other fields.

Ticketing –

Assign events to administrators for analysis

User Identification – Every log can be associated with Active Directory user names.

ClientInfo – Right click IP address to see processes, hotfixes, and vulnerabilities


13/391313 ©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone |

Monitor Only what is Important!

Timeline view

Number and

severity of attacks

over time

Simple mouse-

click drill down to

forensic analysis

Customizable –

allows user to

define his own

timelines

Recent

critical events

At-a-glance view

of recent

critical events

Simple mouse-

click drill down to

forensic analysis

Timeline view

Recent critical events

Monitor what is

Important

http://localhost/var/www/apps/conversion/tmp/Local%20Settings/Temporary%20Internet%20Files/Local%20Settings/Administrator/Local%20Settings/Temporary%20Internet%20Files/OLK360/OKhttp://localhost/var/www/apps/conversion/tmp/Local%20Settings/Temporary%20Internet%20Files/Local%20Settings/Administrator/Local%20Settings/Temporary%20Internet%20Files/OLK360/Warninghttp://localhost/var/www/apps/conversion/tmp/Local%20Settings/Temporary%20Internet%20Files/Local%20Settings/Administrator/Local%20Settings/Temporary%20Internet%20Files/OLK360/Connect%20to%20the%20Internet



Additional Capabilities

Display activity by geography



View Event Statistics with over 25 Charts

On-Line Charts

Can be viewed bydifferent criteria

such as:

Severity

Event Name,

Source,

Destination



SmartEvent DLP Support


17/39


Smart Update


18/39


Agenda

3

1

2




Configuration



19/39


Our new security architecture

softwareblades from Check Point

l i


20/39


Total SecurityComplete Security & Management Portfolio

Security Gateway Blades


21/39


Firewall World's most proven firewall secures more than 200 applications, protocols and services featuring themost adaptive and intelligent inspection technology.

IPsec VPN Secure connectivity for offices and end users via sophisticated but easy to manage Site-to-Site VPN

and flexible remote access.

IPS The highest performing integrated IPS solution with the industry's best threat coverage

Web Security Advanced protection for the entire Web environment featuring the strongest protection againstbuffer-overflow attacks.

URL Filtering

Best-of-breed Web filtering covering more than 20 million URLs protects users and enterprises byrestricting access to dangerous Web sites.

Antivirus & Anti-Malware Leading antivirus protection including heuristic virus analysis stops viruses, wormsand other malware at the gateway

Anti-Spam & Email Security Multi-dimensional protection for the messaging infrastructure stops spam, protectsservers and eliminates attacks through email.

Advanced Networking Adds dynamic routing, multicast support and Quality of Service (QOS) to securitygateways.

Acceleration and Clustering Patented SecureXL and ClusterXL technologies provide wire speed packetinspection, high availability and load sharing.

Voice over IP Advanced connectivity and security features for VoIP deployments, featuring enhanced Rate

Limiting protections, Far end NAT and inspection of SIP TLS.

Security Gateway Blades

T t l S it

http://www.checkpoint.com/products/softwareblades/voice-over-ip.htmlhttp://www.checkpoint.com/products/softwareblades/anti-spam-email-security.html


22/39


Total SecurityComplete Security & Management Portfolio

Security Management Blades

E n d p o i n t P o l i c y M a n a g e m

e n t

S m a r t W o r k f l o w

I P

S E v e n t A n a l y s i s

U s e r D i r e c t o r y

N e t w o r k P o l i c y M a n a g e m e n t

L

o g g i n g & S t a t u s

M a n a g e m e n t P o r t a l

R e p o r t i n g

M o n i t o r i n g

S m a r t P r o v i s i o n i n g

E v e n t C o r r e l a t i o n


23/39


Security Management Blades

Network Policy Management Comprehensive network security policy management for Check Point gateways and blades via Smart Dashboard, a

single, unified console

Endpoint Policy Management Centrally deploy, manage, monitor and enforce security policy for all endpoint devices across any sized

organization.

Monitoring A complete view of network and security performance, enabling fast response to changes in traffic patterns and security events.

Management Portal Extends a browser-based view of security policies to outside groups such as support staff while maintaining central policy

control

User Directory Enables Check Point gateways to leverage LDAP-based user information stores, eliminating the risks associated with manually

maintaining and synchronizing redundant data stores.

IPS Event Analysis Complete IPS event management system providing situational visibility, easy to use forensic tools, and reporting.

Smart Provisioning Provides centralized administration and provisioning of Check Point security devices via a single management console.

Smart Workflow Provides a formal process of policy change management that helps administrators reduce errors and enhance compliance.

Reporting Turns vast amounts of security and network data into graphical, easy-to-understand reports.

Event Correlation Centralized, real-time security event correlation and management for Check Point and third-party devices.

Logging & Status Comprehensive information in the form of logs and a complete visual picture of changes to gateways, tunnels, remove users and

security activities


24/39


Inspect Engine


25/39


Policy Installation Overview


26/39


• SIC is used to setup a Secure Communication Channel between the Check Point nodes

(such as Security Management server, gateways or OPSEC modules)• Certificates for authentication

•3DES for encryption.

SIC


27/39


Agenda

3

1

2




Configuration



28/39


Check Point Product

Check Point 4800:


29/39

2929 ©2012 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved

Check Point 4800:Enterprise-Grade, High-End Features

Variety of network interface expansions

Same cards for 4000 and

12000 appliances

Copper and fiber (1GE / 10GE)

Out-of-band management (LOM )

8x1GE onboard ports

Graphic LCDdisplay

Hot-swappable

redundant powersupplies

True Serviceability with Rich Connectivity


30/39


4x 10GBaseF (12200 and higher)

8x 1000BaseT (4800 and higher)

2x 10GBaseF (4800 and Higher)

4x Fiber Optic (All Models)

4x 100BaseT (All Models)

4000 & 12000 IO Cards Modularity

A broad range of supported line cards:


31/39


Software Blades


32/39


Smart-1 Appliances for Smart Event

Smart-1

SmartEvent 25b

Smart-1

SmartEvent 5

Smart-1

SmartEvent 50


33/39


Agenda

3

1

2




Configuration


Backup & Restore


34/39


Backup & RestoreConfiguration

There are two options to take the backup.

• Graphical user Interface

• CLI


35/39


Graphical User Interface(GUI)

• Login to the Gateway/Management via web

browser.• Go to the tab Appliance and select the option

Backup & Restore.

• Select the Backup and start Backup.


36/39


Graphical User Interface(GUI)• Specify the Filename name and they are Five option to store

that file.• Before taking the backup make sure that your GUI clients are

disconnected from Smart center.


37/39


Command Line Interface(CLI)

• Backup Tool (upgrade_export)

• Located at $FWDIR/bin/upgrade_tools

•Usage: upgrade_export [-d] [-h] [-v] Where:

• - the path to export the DB

•-d - prints debug information

•-h - prints this usage

•-v - prints the version

• Restore Tool (upgrade_import)

• Located at $FWDIR/bin/upgrade_tools

•Usage: upgrade_import [-d] [-h]

Where:

• - The location of the exported file

•-v - Prints the version

•-d - Prints debug information

•-h - Prints this usage


38/39


Thank You

Q i ?


39/39

Questions?

checkpoint tranning

Documents