
Check Point Firewall Administration R81.10+: A practical guide to Check Point firewall deployment and administration

By Vladimir Yakovlev
Paperback, Aug 2022, 654 pages, 1st Edition

Chapter 1: Introduction to Check Point Firewalls and Threat Prevention Products

In this chapter, we will learn about the past and the present of Check Point Software Technologies in the context of evolving cybersecurity challenges. We will become familiar with the three main product lines, their components, and their relevance to the threat prevention capabilities of Check Point firewalls. We will examine the flexibility and advantages of security management architecture, address the learning process, and go through the user and account creation process in preparation for the following chapters.

In this chapter, we are going to cover the following main topics:

  • Learning about Check Point's history and the current state of the technology
  • Understanding the Check Point product lineup and coverage
  • Introducing the Unified Management concepts and the advantages of security product consolidation
  • Familiarization with the Security Management Architecture (SMART)
  • Determining how we learn
  • Navigating the Check Point User Center

Technical requirements

For this chapter, we will need a web browser for access to the Check Point User Center and a smartphone running either iOS or Android, with an authentication manager application of your choice and a time-based, one-time password functionality, such as Google or Microsoft Authenticator, to enable second-factor authentication for access to the User Center.

Learning about Check Point's history and the current state of the technology

To get a sense of the product and the company behind it, it is good to have perspective. When were they founded? How long have they been in business? How consistent is their performance over time? What areas of cybersecurity is the company working in and how well are they rated? To find the answers to these questions, let's look at the past and the present of Check Point Software Technologies.

"In the beginning, there was FireWall-1"

In 1994, FireWall-1, released by Check Point Software Technologies, effectively launched the commercial firewall market and, according to Gartner, Check Point has been named a leader in the Network Firewalls category 21 times since.

The company received the following mention at the Cybersecurity Excellence Awards for 2016: "All of the US Fortune 100, and over 90% of the Fortune 500, rely on Check Point solutions to protect their networks and data." [1]

Shortly after launching FireWall-1, Check Point released VPN-1 for remote access and secure connectivity with peers and, over the years, continued to introduce additional components, enhancements, and new products. Since then, the cybersecurity arena has become saturated with many entrants bringing new products to the market. Throughout all of this time, Check Point's expanding product line, and especially their evolving management interface, has been recognized as the gold standard against which all competitors are measured.

Check Point firewalls were originally created to run on multiple operating systems and hardware, hence the name of the company, Check Point Software Technologies.

This is an important distinction when compared with the offerings provided by other vendors that were creating their solutions based on specialized ASICs (Application-Specific Integrated Circuits). When cloud computing ushered in a new era in information technology, Check Point was able to immediately offer the same degree of protection to cloud-based environments as was previously available to traditional infrastructures. Since Check Point enterprise firewalls were running on x86/x64 platforms, they did not require porting or emulation to do that.

Check Point today

Check Point's products are now deployed in 88 countries and more than 100,000 businesses. It has offices in 75 countries, over 3,500 security experts, and a world-acclaimed research and intelligence organization [2]. Its firewall and threat prevention product line has offerings that cover an entire spectrum of clients: from small offices to enterprises, carrier networks, government agencies, and industrial control systems. They are available in the largest number of cloud services, including Amazon AWS, Microsoft Azure, Oracle Cloud, Google Cloud services, Alibaba Cloud, and IBM Cloud.

Check Point Software Technologies was recognized as a Microsoft Security 20/20 Partner Award Winner for Most Prolific Integration Partner in 2020, and for Most Transformative Integration Partner in 2021 [3].

By protecting networks, hosts, data, workloads on hypervisors, containers, and microservices from advanced threats while using unified management architecture, Check Point remains at the forefront of cybersecurity. It has grown both organically and through judicious acquisitions and integration of complementary products over the years, and is now the largest publicly traded cybersecurity company in Israel, a nation known worldwide for its remarkably strong information security and intelligence capabilities.

With an unparalleled commitment to product evolution and quality, its ever-growing list of partners, dedicated support for automation, and orchestration for organizations adopting DevSecOps practices, it is the best choice for anyone looking to embark on their journey of becoming a member of the cyber defense elite.

Now that we've learned a little about the company's history, let's take a look at Check Point's product line.

Understanding the Check Point product lineup and coverage

The scope of Check Point offerings could be better understood when looking at the following chart depicting the three main branches of products:

Figure 1.1 – Check Point unified security architecture components

The Quantum branch is primarily concerned with hardware appliances, but it does include Check Point's own cloud-hosted scalable management solution (Quantum Smart-1 Cloud).

The small business appliances in the Quantum branch are running an embedded version of Check Point's firewall. They are different from the rest of the lineup in that category, but they, too, could be managed from the same centralized management solutions as the rest.

The CloudGuard branch, while primarily concerned with cloud-based solutions, includes those for the on-premises virtualization environments, such as VMware vSphere, Microsoft Hyper-V, and Nutanix. Additionally, the management servers deployed in the cloud as VMs are also considered to be part of the CloudGuard product line.

The Harmony branch contains solutions necessary to safeguard endpoints inside, as well as outside, of your organization (including BYOD and mobile devices) and to provide your users with multiple choices for secure remote connectivity.

Now that we have learned about the scope of Check Point products, let's take a look at the benefits of having a single vendor solution protecting your infrastructure and data.

Introducing the Unified Management concepts and the advantages of security product consolidation

Historically, security-conscious enterprises were practicing defense-in-depth by layering and combining multiple solutions in the hope of preventing systems and network compromise. While this approach was viable 10 years ago, it is getting progressively more difficult to maintain it.

Let's look at the evolution of the threats over time to get a better idea of why this is so by using the following diagram:

Figure 1.2 – Attack generations and types, escalation, and the response over time

In addition to the complexity and advances of the attacks, the numbers of bad actors, as well as the number of different attacks, are increasing exponentially. The field of offensive cybersecurity is attracting an ever-increasing number of people, not all of them ethical hackers. This contributes to the snowballing effect and the number of compromised systems, networks, and companies. The latest batch of attacks focusing on the supply chain is yet another manifestation of this trend.

The sheer number of cybersecurity vendors and point solutions, each trying to address different problem areas, makes it a virtual impossibility for smaller teams to manage them effectively. It takes years to gain proficiency with a single product, let alone multiple ones. Add to this the rapid development cycles of each vendor trying to keep up with evolving capabilities of cybercriminals and offerings by competition, and you will have to spend most of your time learning about new features and changes in all of these products, while at the same time fighting compatibility issues.

For a while, the combination of Security Information and Event Management (SIEM) solutions as hubs for the consolidation of logs, their correlation, and Security Orchestration Automation and Response (SOAR) actions based on pre-defined conditions looked like a possible solution to this problem. However, these options failed to address the multi-vendor cost of human capital, further complicating the operations of smaller security teams. They are now primarily relegated to larger enterprises, carrier networks, and Managed Security Services Providers (MSSPs) that can afford to keep staffed Security Operations Centers (SOCs) and dedicated data science and analytics specialists. For most other companies, SIEMs are either becoming log graveyards or are mostly used for after-the-fact investigations and audits, but not for proactive threat prevention.

Important Note

For the organizations that do utilize SIEMs, Check Point has out-of-the-box integration with ArcSight, LogRhythm, QRadar, RSA, McAfee, Splunk, and Sumologic, and its log exporter can be configured to work with any syslog-, CEF-, LEEF-, and JSON-compliant product. There is also a dedicated Check Point app for Splunk (https://sc1.checkpoint.com/documents/App_for_Splunk/html_frameset.htm) for seamless integration.

Serious advances in active prevention or response have also been made by several dedicated Endpoint Detection and Response (EDR) vendors. Unfortunately, the EDRs are relying on the installation of their agents on managed endpoints. Components of the infrastructure that do not have the agents remain unprotected.

All the networking gear, printers, copiers, conference room equipment, CCTV, building access and environmental controls, and other innumerable Internet of Things (IoT) devices are the shadow army that could be exploited and used for attacks or snooping on your infrastructure. The same applies to all devices on which the OS or firmware is controlled by the vendor or those that are supplied by service providers or business peers.

To compensate, EDR vendors are now actively expanding their integration with partners and going through the rapid acquisitions of complementary businesses to improve the coverage of their products.

Recognizing that the effective prevention of complex modern attacks requires more than just loosely coupled integration between various security tools, in 2017, Check Point developed and introduced its Infinity architecture. Tightly integrated products covering all aspects of security infrastructure with common management and enforcement policies dramatically improve detection and prevention rates.

Check Point was perfectly positioned to address these challenges since its ThreatCloud is one of the most established and largest commercial worldwide threat detection networks. The likelihood of Check Point encountering new attacks or variants of exploits closer to home is pretty good because of its huge global presence. The quality of the data is great since the product coverage extends from networks to endpoints, mobile, cloud, IoT, and industrial systems. Its analytics are supercharged by ML and AI to identify malware DNA, a set of unique code segments and behavior characteristics that associates each newly encountered malware with a previously known malware family whenever such similarities can be identified. This helps to predict and prevent other attack capabilities and vectors of emerging zero-day threats that are not immediately apparent.

Having all these abilities provided by products from the same security vendor, as well as using common terminology, configuration, logging, analysis, management interfaces, and forensics capabilities, eliminates the complexity and the overhead of multiple point solutions. It also significantly improves your chances of deterrence and the containment of cyber attacks.

In January 2018, the MITRE Corporation released Adversarial Tactics, Techniques, and Common Knowledge version 1 (ATT&CK v1), a framework that validated Check Point's vision for unified security. And in the same month, Check Point announced Infinity Total Protection, a simple, all-inclusive, per-user, per-year subscription covering all of its products, including hardware, software, 24x7 premium support, and network security, as well as endpoint, mobile, cloud, and data security with real-time threat prevention.

Competitors realizing the advantages of this approach adopted similar strategies and a new term, Extended Detection and Response (XDR), was coined.

Important Note

Although it is unlikely that your organization is relying on a single vendor's solutions for all or even most of its cybersecurity needs, strategic consolidation resulting in massive benefits should be considered.

Most likely, Check Point firewalls in your environment are a part of the heterogeneous security infrastructure consisting of multiple point products. In this case, it is imperative to understand their roles, capabilities, and limitations in order to extract maximum value from the product while keeping track of what it is not designed or configured to do, and where complementary security solutions should be applied.

Network segmentation, network access control, threat prevention for individual network segments, categories, and hosts continue to remain some of the key elements of overall sound security posture. Having the benefit of threat intelligence generated by sensors present in all categories of information technology covered by the Infinity architecture makes Check Point firewalls some of the most effective threat prevention and detection tools in your cybersecurity arsenal.

Important Note

Check Point's mantra is prevention first, so it is often the case that engineers must, on purpose, disable prevention in the demo environments to showcase the product's detection capabilities at multiple points in the attack's kill chain.

Now that we know that vendor consolidation may yield better overall results by offering unified visibility of attacks, let's look at what the Security Management architecture can do for the administration of the Check Point infrastructure.

Familiarization with the Security Management Architecture (SMART)

Check Point's Security Management architecture is the foundational principle behind the centralized administration of multiple products and devices using common management interface(s).

Smart in the name of Check Point products dates back to when it was used as the acronym for Security Management Architecture. It is now present in the name of management servers and services, as well as Smart-1 products and their components: SmartLog and SmartEvent, Check Point's GUI, and the SmartConsole. There is also a migration tool for transition from competing solutions called SmartMove. In a nutshell, SMART could be described as a collection of the administrative stations, management, log, monitoring, and analytics servers that manage a variety of the gateways, endpoints, cloud-based inspection, and threat prevention products designed to seamlessly work together. It is practically infinitely scalable.

The following is a simple diagram depicting a basic implementation of the Check Point gateway and management infrastructure and their components:

Figure 1.3 – Basic components of Check Point's management architecture

Important Note

Although we commonly refer to it as a firewall, a correct definition would be gateway, where a firewall is just one of the components.

SmartConsole is the Windows-based management client application that is connected to all of your management servers, regardless of the components they are running. It will be your primary interface for managing the Check Point infrastructure.

In the context of network architecture, a basic implementation could look as simple as the following:

Figure 1.4 – All-in-one implementation. Management and gateway on a single device

In Figure 1.4, a single all-in-one device is acting as both a management server and a gateway. This is appropriate for the smallest environments that are aspiring to have world-class protection, but either lack the budget or justification to implement a distributed Check Point environment. It is also appropriate for small-scale labs where you may explore new release features and functionality.

In a slightly more demanding environment, which I would recommend as a good starting point, the management server running all of its constituent components resides on a separate appliance or a virtual machine. In this case, the gateway is running on a dedicated appliance as follows:

Figure 1.5 – Basic implementation with a dedicated management server

The advantage of this approach is the ability to manage many gateways from a common management server using a common object database.

Important Note

The functionality of the gateway is not dependent on the availability of the management server: even if it is down for maintenance or is being upgraded, the gateways continue to function and log locally. Once the management server comes back online, the logs are automatically ingested by the management server.

Scaled further, SmartEvent is split from the management and log server to provide dedicated log correlation and reporting, as follows:

Figure 1.6 – SmartEvent log correlation and reporting on a dedicated server

This is a typical precursor for the expansion to either a multi-site or a hybrid environment, where a common SmartEvent server is used for log correlation, reporting, and analytics with multiple management and log servers. Since SmartEvent cannot be part of high-availability management, it should reside on a separate appliance or virtual machine. This is also one of the ways to offload your existing management server appliance if its utilization is consistently high.

And in a more typical data center environment, high-availability management and site-specific log servers are implemented to manage a larger number of gateways and clusters, as illustrated in the following diagram:

Figure 1.7 – Management high availability with dedicated log servers for multi-site environments

When your gateways and clusters under management generate a massive number of logs, it may be necessary to provide adequately sized log servers for each logically grouped location (typically based on geography or a specific data center).

The environment shown in Figure 1.7 allows you to ensure that the management servers used to create, manage, and install security policies in your environment will perform consistently, irrespective of the load on log servers.

Scaled even further, it may look like this:

  • Multiple SmartConsoles and API clients
  • Multi-domain management servers/security management servers
  • Multiple enterprise environments comprised of gateways, clusters, scalable platforms, hyperscale solutions, and/or endpoints
  • Logging to dedicated log servers with monitoring and analytics provided by SmartEvent servers and forwarding logs to an SIEM of your choice

The more complex and expansive your infrastructure, the more granular implementation of Check Point management you may require to assure the necessary performance and redundancy.

Another option that should be specifically mentioned here is Quantum Smart-1 Cloud, a cloud-based management environment that is redundant and scalable on demand to accommodate your enterprise. Check Point takes care of the maintenance updates, upgrades, and high availability in the background, while you are simply administering your infrastructure from it. We will revisit management options in a later chapter to compare the advantages of different choices for specific circumstances.

As you go through this book, you will acquire valuable foundational knowledge equally applicable to all of the implementations described previously.

We now understand that the Security Management architecture allows you to grow your company and maintain the same level of protection, regardless of its scale or model. Before we go all technical, let's look at learning approaches, available options, and the reasoning behind this book's format.

Determining how we learn

There is a widely adopted learning and retention concept representation known as either the learning pyramid or the cone of experience. This is depicted in the following diagram:

Figure 1.8 – Learning and retention [4]

Not everyone agrees with the exact quantification of the results, but there is no denying that the more of these activities and mediums of learning you are exposed to, the better the outcome.

The comprehension of concepts from reading the material varies depending on how well it is written. If the book or guide is well illustrated, it makes it easier to tie the concepts to real-world applications. Watching someone doing it in a video affirms the validity of the printed or static material. When you are working on a subject in your own lab environment, your confidence in being able to reproduce the results and your level of comfort with expanding your knowledge of the subject grow even further.

Follow the instructions in the book and its complementary online materials to get the most out of it. Choose your own names, emails, and fictional or real company names for registration on portals and access to the products we will be using in the lab.

Some of you may not have the necessary computing capabilities at your disposal to replicate the lab. For them, and those who may be reading this book during your commute, the included screenshots should provide a close approximation of the experience.

We now understand the learning methodologies that impact our comprehension and retention. In the next section, we will familiarize ourselves with the Check Point User Center and configure credentials required for access to resources used in the labs.

Navigating the Check Point User Center

The Check Point User Center is the portal for access to a variety of resources, and the place where you will create or manage your Check Point accounts, users, and products. It is also a place where you generate and download licenses and support contracts.

It is accessible at https://usercenter.checkpoint.com.

Figure 1.9 – User Center

We will be using the ASSETS/INFO and TRY OUR PRODUCTS sections to obtain and maintain our lab licenses as we go through the book.

From the User Center, you can get to Support Center, a place where you can open and manage Service Requests (SRs), report security issues, subscribe to or access the PRO Support portal (a proactive monitoring and reporting service), and gain access to the technical documentation, alerts, subscriptions, product downloads, and search capabilities across SecureKnowledge articles, downloads, documentation, and CheckMates community posts and discussion threads.

The following screenshot shows Support Center:

Figure 1.10 – Support portal

Both portals are interlinked, but if you know what you need, it is simpler to get to the right place through a corresponding link.

The Support Center may be accessed at https://supportcenter.checkpoint.com.

Important Note

While it is not necessary to register with Check Point in order to download and try their firewall product, this trial will be limited to 15 days. To extend it beyond the initial 15 days, you will have to go through the registration process to request a trial or lab license(s).

Since we must learn how to register and manage users and accounts and how to license the product, we will now start with the registration process.

Follow these steps to register as a portal user and create an account:

  1. In your browser, go to https://usercenter.checkpoint.com.
  2. When prompted with the Sign In screen, click on Sign Up Now.

Figure 1.11 – Sign Up Now

     Populate the fields with your information and then click Submit.

Figure 1.12 – Sign Up; user information

  3. The Success! popup will appear; check your mailbox to continue.
  4. Click on Confirm Email in the body of the message.
  5. Create and confirm a suitably strong password using a combination of uppercase and lowercase letters, numbers, and symbols and then click Submit.
  6. Click Sign In.
  7. Enter your username (the same as the email in step 2 and the password from step 5) and then click Sign In.
  8. Once you are logged in for the first time, click on your username in the top-right portion of the screen and then click on the Security shield icon on the left to configure the Multifactor Authentication (MFA).

Figure 1.13 – Securing User Center access

  9. Toggle the 2-Step Verification switch to the On position:

Figure 1.14 – Turning on 2-Step Verification

  10. Enter your mobile phone number, verify that the Text Message option is selected, and then click Verify Phone.
  11. Enter the code received via text message and then click Activate.
  12. Your phone number is now shown as Verified. Click on the Display Backup codes arrow.

Figure 1.15 – Backup codes for 2FA

  13. Click on Generate New Backup codes. When backup codes are displayed, click Print. If you do not have a printer connected, print codes to PDF. Click Close.
  14. In the Authenticator App section, click the arrow to the right of Set Up.
  15. Choose your mobile phone platform and then click Next.
  16. If you do not have an authentication application on your phone, install either Microsoft Authenticator or Google Authenticator or your preferred MFA application. When installed, or if already available, add the new account to it by scanning the QR code and then click Next.
  17. If the scan fails (observed on very high-resolution monitors with particular brightness and contrast), click on CAN'T SCAN IT?, manually enter the key into the authentication manager, and then click Next.
  18. Enter the dynamically generated one-time code and click Next. Note the time remaining for the action on your phone while doing it.
  19. The authentication app now becomes the default method for the second factor. Let's look at the following screenshot:

Figure 1.16 – Authentication app as the default 2FA

We can now securely log on to the User Center and access its resources.

Summary

In this chapter, we learned about the history and the present-day state of the technology and services offered by Check Point. We saw the flexibility and scalability of the Security Management architecture and learned about the advantages of consolidated security solutions, and why they are emerging as the preferred choice for addressing today's complex threat environments. We have also created and secured our User Center account.

Now that we understand the modular nature of Check Point management architecture, we are ready to look at firewall locations within common network topologies and talk about the significance of their placement.

In the following chapter, we will address where and when certain features are better employed for different outcomes. We will learn how to determine the utilization of your currently deployed firewalls and calculate the capacity for new ones.


Key benefits

  • Get a gradual and practical introduction to Check Point firewalls
  • Acquire the knowledge and skills necessary for effective firewall administration, maintenance, and troubleshooting
  • Create and operate a lab environment with gradually increasing complexity to practice firewall administration skills

Description

Check Point firewalls are the premier firewalls, access control, and threat prevention appliances for physical and virtual infrastructures. With Check Point’s superior security, administrators can help maintain confidentiality, integrity, and the availability of their resources protected by firewalls and threat prevention devices. This hands-on guide covers everything you need to be fluent in using Check Point firewalls for your operations. This book familiarizes you with Check Point firewalls and their most common implementation scenarios, showing you how to deploy them from scratch. You will begin by following the deployment and configuration of Check Point products and advance to their administration for an organization. Once you’ve learned how to plan, prepare, and implement Check Point infrastructure components and grasped the fundamental principles of their operation, you’ll be guided through the creation and modification of access control policies of increasing complexity, as well as the inclusion of additional features. To run your routine operations infallibly, you’ll also learn how to monitor security logs and dashboards. Generating reports detailing current or historical traffic patterns and security incidents is also covered. By the end of this book, you'll have gained the knowledge necessary to implement and comfortably operate Check Point firewalls.

Who is this book for?

Whether you’re new to Check Point firewalls or looking to catch up with the latest R81.10+ releases, this book is for you. Although intended for information/cybersecurity professionals with some experience in network or IT infrastructure security, IT professionals looking to shift their career focus to cybersecurity will also find this firewall book useful. Familiarity with Linux and bash scripting is a plus.

What you will learn

  • Understand various Check Point implementation scenarios in different infrastructure topologies
  • Perform initial installation and configuration tasks using Web UI and the CLI
  • Create objects of different categories and types
  • Configure different NAT options
  • Work with access control policies and rules
  • Use identity awareness to create highly granular rules
  • Operate high-availability clusters

Product Details

Publication date: Aug 29, 2022
Length: 654 pages
Edition: 1st
Language: English
ISBN-13: 9781801072717

Table of Contents

19 Chapters
Part 1: Introduction to Check Point, Network Topology, and Firewalls in Your Infrastructure and Lab
Chapter 1: Introduction to Check Point Firewalls and Threat Prevention Products
Chapter 2: Common Deployment Scenarios and Network Segmentation
Chapter 3: Building a Check Point Lab Environment – Part 1
Chapter 4: Building a Check Point Lab Environment – Part 2
Part 2: Introduction to Gaia, Check Point Management Interfaces, Objects, and NAT
Chapter 5: Gaia OS, the First Time Configuration Wizard, and an Introduction to the Gaia Portal (WebUI)
Chapter 6: Check Point Gaia Command-Line Interface; Backup and Recovery Methods; CPUSE
Chapter 7: SmartConsole – Familiarization and Navigation
Chapter 8: Introduction to Policies, Layers, and Rules
Chapter 9: Working with Objects – ICA, SIC, Managed, Static, and Variable Objects
Chapter 10: Working with Network Address Translation
Part 3: Introduction to Practical Administration for Achieving Common Objectives
Chapter 11: Building Your First Policy
Chapter 12: Configuring Site-to-Site and Remote Access VPNs
Chapter 13: Introduction to Logging and SmartEvent
Chapter 14: Working with ClusterXL High Availability
Chapter 15: Performing Basic Troubleshooting
Other Books You May Enjoy

Customer reviews

Rating distribution
4.9 (10 Ratings)
5 star 90%
4 star 10%
3 star 0%
2 star 0%
1 star 0%

Top Reviews

N/A Nov 12, 2024
5 stars
Verified review (Feefo)
Danny Nov 06, 2022
5 stars
This unique book was written from daily practice of a Check Point expert and enthusiast. This allows the reader to get instantly started with Check Point. Explanations are easy to understand and are often featured by screen shots. I recommend this book to anyone who is interested to get started in Check Point firewall administration or who simply wants to refresh or supplement their knowledge. It is well written in a much easier, more understandable and more practical way than all official Check Point course books I have come across in my 20 years of working with Check Point.
Verified review (Amazon)
Andy Sep 01, 2022
5 stars
I had been dealing with CP products for 15 years now and I can tell the effort Vladimir put into it. He explains things really well and even for someone who does not have much experience with Check Point, it would be easy to understand and follow along. I strongly recommend the book.
Verified review (Amazon)
Tim Hall Oct 09, 2022
5 stars
As someone who has taught authorized Check Point classes since 2004, I'm constantly asked if there are any good introductory books covering Check Point security gateways & management. I was unable to give them a good answer until now with the publication of Vladimir's great new book. Taking a "build it as you learn about it" approach that is ideal for self-teaching, this book fills a serious need for those that are new to Check Point. The book gives you everything you need to work with production Check Point security gateways, imbued with a healthy dose of "real world" expertise and best practices that goes well beyond any official Check Point documentation or training classes. Even if you don't plan to actually build the lab environment specified by the book, just reading it will provide valuable knowledge and fresh insights for a Check Point novice and seasoned expert alike. While not directly intended to be a CCSA exam prep guide, this book does cover many of the same CCSA topics with a slightly different spin; undoubtedly this will be beneficial on the exam to help fill in any gaps in your knowledge. I've worked with Check Point products for 25 years, and even published several books about them myself. However even I gained new insights and tips from reading this "introductory" book. If that fact doesn't convince you that this book is a worthy addition to your collection, I don't know what will. My highest recommendation and well done Vladimir! Timothy Hall, Author "Max Power 2020: Check Point Firewall Performance Optimization" (Third Edition)
Verified review (Amazon)
Danny Sep 16, 2022
5 stars
What makes this book special is that it was written by a real Check Point expert out of daily practice. This makes getting started with Check Point particularly easy. In addition, the very understandable and practice-oriented explanations make the content very clear and easy to follow. I recommend this book to anyone who is interested in a lasting introduction to Check Point firewall administration or who simply wants to refresh or supplement their knowledge. It is simply written in a much easier, more understandable and more practical way than all the official Check Point course books I have come across in my 20 years of working with Check Point.
Verified review (Amazon)