What this book covers

Chapter 1, Introduction to Check Point Firewalls and Threat Prevention Products, covers the evolution of Check Point security products and capabilities, security management architecture, and the creation of a user account to access relevant software and information.

Chapter 2, Common Deployment Scenarios and Network Segmentation, looks at firewall placement in common network topologies, network segmentation, as well as performance and capacity assessments of existing firewalls.

Chapter 3, Building a Check Point Lab Environment – Part 1, delves into lab topology, components, software, and resources, as well as looking at the installation of Oracle VirtualBox, deployment, and describing a process configuration of a virtual router.

Chapter 4, Building a Check Point Lab Environment – Part 2, explains creating Windows Server and Check Point base images and creating and preparing linked clones for the rest of the lab components.

Chapter 5, Gaia OS, the First Time Configuration Wizard, and an Introduction to the Gaia Portal (WebUI), introduces Gaia, the operating system in use by Check Point management servers and gateways. This chapter also covers the First Time Configuration Wizard and Gaia web interface.

Chapter 6, Check Point Gaia Command-Line Interface; Backup and Recovery Methods; CPUSE, covers accessing and using the Check Point Gaia command-line interface and expert mode shells. Backup and recovery options and Check Point Update Service Engine are also covered.

Chapter 7, SmartConsole – Familiarization and Navigation, provides a detailed examination of SmartConsole features, components, and capabilities and teaches you being comfortable with the Check Point primary management interface.

Chapter 8, Introduction to Policies, Layers, and Rules, covers policy packages, blades (features) used in Access Control policies, and their use in layers. The chapter also looks at policy organization methods, rules’ structure and capabilities, and their placement based on the packet flows and use of acceleration technology.

Chapter 9, Working with Objects – ICA, SIC, Managed, Static, and Variable Objects, looks at the Internal Certificate Authority and Secure Internal Communication and how these factor into the creation of other Check Point managed objects. The chapter also looks at creating your first high-availability cluster and the rest of the objects for lab components, learning about different object types and their properties.

Chapter 10, Working with Network Address Translation, introduces network and port address translation using automatic and manual NAT options. The chapter goes on to look at the use of NAT in object properties, policies, and rules, and additional relevant configuration options, as well as NAT logging and interpretation of NAT log data.

Chapter 11, Building Your First Policy, defines policy structure while accounting for the most common scenarios likely to be encountered in any infrastructure. The creation of rules and, when necessary, additional objects is also covered, as is expanding a policy’s capabilities and granularity by enabling additional features, rules, and objects.

Chapter 12, Configuring Site-to-Site and Remote Access VPNs, looks at configuring VPNs for communication with peers, data, or service providers as well as implementing remote access capabilities using Check Point IPSec VPN features. The chapter also looks at utilizing Access Roles for granular remote access.

Chapter 13, Introduction to Logging and SmartEvent, explains how logging works in Check Point, and how to use different configuration options to best address your infrastructure's logging requirements. The chapter also introduces SmartEvent, which simplifies the work of Check Point administrators by providing enhanced views, reporting capabilities, and automated reactions.

Chapter 14, Working with ClusterXL High Availability, provides an explanation of the ClusterXL HA mechanism, operating a fault-tolerant cluster, and alternative Check Point offerings for high availability and load sharing.

Chapter 15, Performing Basic Troubleshooting, looks at troubleshooting constraints and your actions. The chapter introduces typical issue categories, approaches, and tools helpful for solving them. It also looks at initiating and handling service requests interaction with Check Point Technical Assistance Centers. The chapter goes on to detail resources available from, and interaction with, the CheckMates user community.

Appendix, Licensing, introduces Check Point licensing terminology, specific information for management servers and gateways, and licensing for a lab environment.