A
access control lists (ACLs)
defining and pushing out, 19
option, security policy, 248
Account Management Client (AMC), 331
accounts, user . See user accounts
ACE servers, authentication, 287
Active Directory and FW-1, 8
ActiveX, removing code from HTML data, 345
adding
administrators, 86
administrators (Solaris installation), 117 “118
licenses, 206 “207
SmartUpdate package, 389
address range, configuring, 176
Address Resolution Protocol. See ARP
Address Translation Rule Base, limiting NAT rules in, 381
administering
FW-1 for effectiveness, 386 “401
NG AI for performance, 376 “382
security policies, 390 “391
security policies and logs generally , 372
administrators
configuring for firewall installation, 64
configuring for Solaris platform, 116 “117
firewall log management, 394 “400
main administrative goals, 372
passwords, 65
Windows installation, options, 84
AES (Rijindael Advanced Encryption Standard), 9
Aladdin eSafe Protect Gateway, 320
Aladdin Knowledge Systems, 322
alerts
commands, 414 “420
configuring, 419 “420
user-defined, 432
using LEA to generate, 342 “343
algorithms
Check Point encryption (table), 437
decryption, and key management, 436
Diffie-Hellman, 436, 451, 487
AMC and LDAP server interactions, 311
AMON (Application MONitoring) protocols, 321
anti-spoof tracking, 235, 552
Application Intelligence, using, 560 “564
Application Intelligence (R54), 51 “52
application monitoring of OPSEC products, 339 “340
Application-Specific Integrated Circuits (ASICs), 24
applications
client side OPSEC, 341 “343
OPSEC, 320 “322, 367
sharing authentication between, 13 “14
Apply gateway rules to interface direction property, 44
architecture
distributed Client/Server, 19 “20
firewall, 223 “224
Secure Virtual Network (SVN), 3
ARP (Address Resolution Protocol)
automatic, 276
described, using, 264 “266
entries vs. routes, 281
static source, destination modes, 271 “272
asymmetric encryption, 435
attacks
brute-force, 436
Denial of Service, 550
DoS, 45, 553 “554
MITM, 21
SNMP vulnerabilities, 65
SYN, 556 “558
authentication
client, described, using, 303 “309
defining users for, 292 “298
disabling, 547
external schemes, 316
FW-1 schemes, 286 “292
Global Properties, configuring, 202
LDAP, described, using, 309 “313
session, described, using, 306 “309
templates, using, 293 “297
timeout, configuring, 483
UA module and, 13 “14
and UAA, 343
user, described, using, 298 “303
authenticity, encryption and, 434
automatic NAT rules, 272 “276
availability, high. See high availability (HA)