Solutions Fast Track
Encryption Schemes
-
VPNs can provide privacy, authenticity, and data integrity.
-
Key exchange is public (asymmetric); encryption is symmetric for performance.
-
Beware of the security of proprietary encryption schemes.
Configuring an IKE VPN
-
Double-check encryption rule properties to make sure they are identical.
-
Make sure key exchange rules (if any) are above your stealth rule.
-
Simplified mode can make it easy and quick to bring up even many site-to-site tunnels.
-
It is a good idea to disable NAT for any encrypted traffic between VPN domains.
Configuring a SecuRemote VPN
-
SecuRemote can be used with dialup or Ethernet adapters.
-
Secure Domain Login, or SDL, is possible with SecuRemote.
-
Several methods exist for automatically updating site topology.
Installing SecuRemote Client Software
-
Your main choices when installing the SecuRemote client are whether to bind SecuRemote to all adapters or just your dialup adapter and whether to enable desktop security (see Chapter 11, Securing Remote Clients ).
Using SecuRemote Client Software
-
The IP address or hostname used in creating your site is the IP address or hostname of the firewall gateway through which you will be connecting, or, in the case of a distributed installation, the IP address or hostname of that gateway s management console.
-
Topology downloads are saved on the client locally in the file userc.C in the SecuRemote installation directory.
![Check Point NG[s]AI](/icons/blank_book.jpg "Check Point NG[s]AI"){kind=icon}
- ERP Systems Impact on Organizations
- Enterprise Application Integration: New Solutions for a Solved Problem or a Challenging Research Field?
- Context Management of ERP Processes in Virtual Communities
- Distributed Data Warehouse for Geo-spatial Services
- Intrinsic and Contextual Data Quality: The Effect of Media and Personal Involvement