You're reading from Check Point Firewall Administration R81.10+ A practical guide to Check Point firewall deployment and administration

Product type Paperback

Published in Aug 2022

Publisher Packt

ISBN-13 9781801072717

Length 654 pages

Edition 1st Edition

Concepts

Network Security

Author (1):

Vladimir Yakovlev

View More author details

Table of Contents (21) Chapters

Preface

1. Part 1: Introduction to Check Point, Network Topology, and Firewalls in Your Infrastructure and Lab

2. Chapter 1: Introduction to Check Point Firewalls and Threat Prevention Products FREE CHAPTER

3. Chapter 2: Common Deployment Scenarios and Network Segmentation

4. Chapter 3: Building a Check Point Lab Environment – Part 1

5. Chapter 4: Building a Check Point Lab Environment – Part 2

6. Part 2: Introduction to Gaia, Check Point Management Interfaces, Objects, and NAT

7. Chapter 5: Gaia OS, the First Time Configuration Wizard, and an Introduction to the Gaia Portal (WebUI)

8. Chapter 6: Check Point Gaia Command-Line Interface; Backup and Recovery Methods; CPUSE

9. Chapter 7: SmartConsole – Familiarization and Navigation

10. Chapter 8: Introduction to Policies, Layers, and Rules

11. Chapter 9: Working with Objects – ICA, SIC, Managed, Static, and Variable Objects

12. Chapter 10: Working with Network Address Translation

13. Part 3: Introduction to Practical Administration for Achieving Common Objectives

14. Chapter 11: Building Your First Policy

15. Chapter 12: Configuring Site-to-Site and Remote Access VPNs

16. Chapter 13: Introduction to Logging and SmartEvent

17. Chapter 14: Working with ClusterXL High Availability

18. Chapter 15: Performing Basic Troubleshooting

19. Other Books You May Enjoy

Appendix: Licensing

Best practices for Access Control rules

Now, with what we have learned in the previous section, let's combine Check Point's own best practices for Access Control rules as printed in their user guide, with a few additional suggestions:

When a new policy is created, a single explicit cleanup rule is automatically included. Change its Track settings to Log.
On top of the policy, create a rule allowing https and ssh_version_2 access to the gateways and cluster members from the IPs of your Check Point administrators' PCs. This rule, together with the next, the stealth rule, will limit the exposure of your gateways if Gaia's System Management | Host Access | Allowed Hosts contains default settings allowing connectivity from any IP address.
The second rule from the top should be created, named the stealth rule, and configured to deny direct access to the gateways from Any source.
Create section titles above these three rules describing their purpose...

The rest of the chapter is locked

You're reading from Check Point Firewall Administration R81.10+ A practical guide to Check Point firewall deployment and administration

Table of Contents (21) Chapters

Best practices for Access Control rules

Authors (1)

Personalised recommendations for you

You're reading from Check Point Firewall Administration R81.10+ A practical guide to Check Point firewall deployment and administration

Table of Contents (21) Chapters

Best practices for Access Control rules

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you