|
Failed logins, tolerance for, 520
Failover
cable, 388–389
Check Point High Availability (CPHA) module, 559–560
clusters with Nokia, 786–787
DMZ networks, 107–109
HA New mode (ClusterXL), 749–755
load-sharing, 760, 765
routing, 574–575
Fault management configuration, 676
Fault-tolerant environment, 254, 826–834
FDDI, 371, 379
Feature Packs, Nokia, 620–621
Features and capabilities, 370, 408
Fiber optic cable, 380
File extensions
.PF, 552–553
.TGZ, 683
.W, 552–553
File Transfer Protocol (FTP)
active and passive modes, 314
connection failure, 720
negotiation, 244
resource objects, 510
secure FTP connections using SSL, 1099–1100
filter command (PIX firewalls), 336–337
Filtering
ActiveX objects, 341
communication protocols, 535
default filters in FireWall-1, 624–625
ingress and egress, 351
Java applets, 341
process, monitoring, 337–339
purpose, 334
URLs, 252, 334–339
FIN scans, 16
Fingerprint of management server, 492, 635
firelogd tool (Firewall Log Daemon)
configuring and compiling, 190–191
description, 186
files from other firewalls, 188–189
message format, 187–188
messages, customizing, 188–189
obtaining, 186
syntax and options, 186–187
Firestarter graphical tool, 159, 161–168
FireWall-1 (Check Point)
backing up, problem in, 703
Backup Gateway feature, 567
command line, 645
description, 69–70
environment variables ($FWDIR), 430–431
filters, default, 624–625
GUI management client, 492
IPSO compatibility, 616–617
options for Nokia Security Platform (NSP), 618–620
panels, 493, 518–521
requirements for version NG FP3, 721
system status, 525–526
upgrading, 645–649
version NG FP3, installing, 721–726, 769
see also Configuration of FireWall-1; VPN-1/FireWall-1 NG on Nokia; VPN-1/FireWall-1 NG on Solaris; VPN-1/FireWall-1 NG on Windows
Firewall appliances, 67–69
Firewall Builder graphical tool, 159–160
Firewall hosts, preparing
administrator permissions and user names, 433
component options, 429–432
disabling services on firewall host, 173, 425–426
DNS, configuring, 428–429
enabling IP forwarding, 427–428
GUI client, 434
licenses, 423–424
requirements, 422–423
security, 424–426
testing routing and network interfaces, 426–427
upgrading, 434–435
see also VPN-1/FireWall-1 NG on Nokia; VPN-1/FireWall-1 NG on Solaris; VPN-1/FireWall-1 NG on Windows
Firewall objects
creating, 641
defining, 540–544
Firewall Service clients, 838–839
Firewall Services Module (FWSM), 370
fixup command (PIX firewalls), 251, 316, 396
Flash activation key, 260
Flash memory, 372
flashfs command (PIX firewalls), 266
FloodGate-1, 618, 722
Floodguard, 349–350
Floppy disk drive, 257
Forwarding, reverse-path (RPF), 351–353
Foundry ServerIron XL content switch, 575
FP3 version of FireWall-1 NG, 721–726, 769
Fraggle attacks, 26
Fragmentation Guard (FragGuard), 347–348
fsck command (UNIX), 683
FTP. see File Transfer Protocol (FTP)
FTP, securing, 670–671
FTP alternative, 669–670
ftp hash command, 745
Functions of firewalls, 129–130, 530
fw commands (FireWall-1), 644–645
fw hastat diagnostic tool, 745–747, 761
fwd process, 559
$FWDIR variable, 430–431
Fwlogsum log tool, 207
fwlogwatch tool
additional features, 207
automatic alerts, 201
automatic HTML report, 205–206
automating, 195–196
CGI scripts, 202–205
customizing, 196–200
description, 191
log, HTML-based, 195
modes, 191–192
options, 192–193
reports, 193–194
root privileges, 200
fwpolicy command (UNIX), 492
FWSM (Firewall Services Module), 370
fwstop and fwstart commands (FireWall-1), 624, 645
FWZ in a VPN
configuring, 582–583
description, 581
gateway parameters, 583–584
limitations, 586
user authentication properties, 594
VPN rules, 584–586
|