Solutions Fast Track


Administering Check Point VPN-1/FW-1 NG AI for Performance

  • Keep the Rule Base simple. Enough said.

  • Keep the most frequently matched rules near the top. Because FW-1 uses top-down processing of all packets against the Rule Base, packets that are matched early on are kicked out to the OS for routing sooner.

  • Monitor performance periodically using FW-1 built-in tools. There are also a number of platform-specific utilities, such as the NT Performance Monitor, to gauge the firewall's level of performance.

Administering Check Point VPN-1/FW-1 NG AI for Effectiveness

  • Audit your firewall using assessment tools. This will not only test your configuration, it will also show you in the log how it looks when attackers perform reconnaissance on your firewall. Third-party audits of your network are also an advisable course of action, and in some cases, such as in the healthcare and financial industries, they are a legally required procedure.

  • Subscribe to Check Point's mailing lists to be alerted to new patches and SmartDefense updates. Additionally, monitor general security lists for pertinent vulnerabilities.

  • Monitor your logs on a daily basis, and develop a plan for log rotation. Leverage the filtering capabilities of SmartView Tracker to create customized views of the logs for more efficient auditing.

Administering Check Point VPN-1/FW-1 NG AI for Recoverability

  • Save a backup copy of your policy in the Database Revision Control before you modify it. This will enable you to fall back should something go wrong or not work the way you planned.

  • Back up FW-1's configuration files after modifications are made. The files you should back up include objects_5_0.c, rulebases_5_0.fws, all *.W files, all *.pf files, and fwauth.NDB*.

  • Evaluate your hardware support contract to see if the specified time period would be acceptable if the firewall hardware were to fail.
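
Added example (not from the book or from Check Point): a POSIX shell function that archives the configuration files listed above and writes a SHA-256 manifest beside the archive. The function name fw1_backup, its two arguments and the source directory are assumptions, as are a tar that accepts -T and an installed sha256sum.

```shell
#!/bin/sh
# fw1_backup SRC DEST: archive the FW-1 files named in the list above.
# Assumptions: SRC is the directory holding those files (the page does
# not say where they live); tar accepts -T; sha256sum is installed.
fw1_backup() (
    src=$1 dest=$2
    [ -d "$src" ] || { echo "no such directory: $src" >&2; exit 1; }
    umask 077    # fwauth.NDB* is authentication data: owner-only output
    mkdir -p "$dest" && dest=$(cd "$dest" && pwd) || exit 1
    base="$dest/fw1-$(date +%Y%m%d-%H%M%S)"
    cd "$src" || exit 1
    # File names and patterns exactly as the page lists them.
    for f in objects_5_0.c rulebases_5_0.fws *.W *.pf fwauth.NDB*; do
        if [ -f "$f" ]; then printf '%s\n' "$f"; fi
    done > "$base.list"
    # Refuse a backup that lacks the object database or the Rule Base.
    for need in objects_5_0.c rulebases_5_0.fws; do
        if ! grep -Fqx "$need" "$base.list"; then
            echo "missing $need in $src" >&2
            rm -f "$base.list"
            exit 1
        fi
    done
    # Hash manifest first, so a restore can be checked with sha256sum -c.
    while IFS= read -r f; do sha256sum "$f"; done < "$base.list" > "$base.sha256"
    tar -cf "$base.tar" -T "$base.list" || exit 1
    rm -f "$base.list"
    printf '%s\n' "$base.tar"    # path of the finished archive
)
```

The function prints the archive path on success; after a restore, running sha256sum -c on the matching .sha256 file from the restored directory confirms the files are unchanged.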

Performing Advanced Administration Tasks

  • The commands fwstop and fwstart can be used to stop and start FW-1, respectively.

  • The *.pid files in $FWDIR\tmp can be used to determine the process ID assigned to FW-1 processes.

  • The security server binaries are named in the format in.a[application]d. For example, HTTP is called in.ahttpd and FTP is in.aftpd.

  • When the security servers are running in Windows, they show up as fw.exe processes.




Check Point NG[s]AI
ISBN: 735623015
EAN: N/A
Year: 2004
Pages: 149