Index_S
S
Safe@ Connector installation, 60
SAM API, using, 342 “343
saving security policies, 241, 390
scalability
firewall proxies vs. packet filtering, 33
Stateful Inspection and, 36 “37
scheduled events, configuring, 194
scripts
INSPECT, 251
IntialPolicy, unloading, 125 “126
user -defined responses, 420, 431
writing, 420 “424, 431
SCV, setting global properties, 489
SDL (Secure Domain Login), 468
searching
for licenses, 84
using SmartView Tracker, 211
Secondary Management Station, 163
secure communications, ensuring between GUI client and management server, 44
Secure Domain Login (SDL), 468, 508
Secure Internal Communication (SIC)
certificates and, 121
Check Point s use of, 6 “7
configuring, 233
Secure Shell (SSH), 54, 203
Secure Sockets Layer (SSL), 203, 514
Secure Virtual Network (SVN) architecture, 3
SecureClient
blocking viruses with, 38
configuring logging, 481
described, 9 “10
installing software, 495 “498
logging into policy server, 510
Packaging tool installation, 63, 78
Policy Server installation, 60
software described, 476
SecureClient Packaging Tool, 63, 78, 464, 499 “509
SecureDHCP service, 17
SecuRemote
configuring, 203
configuring VPN, 457 “462
described, 8 “10
installing client software, 462 “464
using client software, 464 “469
SecuRemote DNS, configuring, 192
SecurePlatform
elements of high-performance configuration, 158
installing VPN-1/FW-1 NG AI on, 146 “151
SecureXL
described, using, 24
extreme performance, 380
Solaris installation screen, 115
SecurID
authentication method described, using, 287
described, 485
when to use, 316
securing host during firewall installation, 52 “58
security
boot, 229
training, 220
security associations (SAs), 437
Security Configuration Verification (SCV) checks, 9
Security Dashboard
described, using, 5 “6
managing NG AI suite with, 4
Security Policy
administration, 390 “391
application of rules to incoming data, 45
backing up, 250
boot process, 393 “394
community involvement in formulation of, 222, 256
default and initial, 228 “229
defining requirements, 221
designing, 223
DNS rule, 241
editing files manually, 252
HTTP and HTTPS rule, 240
implementing, 228 “242
installation methods , 250 “251
installing, 249 “251
policy files, 251 “252
policy options, 247
reasons for, 218 “219
rule using CVP resource, 329
rule using UFP server in URI resource, 338 “339
translating into rules, 230 “242
using CVP, 324 “329
writing, 224 “228
Security Policy tool, installing, 66
Security Server, Global Properties, 202
security servers, 380
Security Sockets Layer (SSL), 8
server objects, 189
server pooling, 174
servers
CVP vs. UFP, 332
fingerprints of, 44
load balancing chained, 331
policy. See policy servers
˜ rooting , 10
services objects, 179
session authentication, 306 “309
session keys in encryption, 436
sessions
logging, 11 “12
OPSEC, 320
SHA-1 encryption, 456
shared secret (encryption), 435
showing. See displaying
SIC module, using, 21 “22
Sign-On Method, client authentication, 305
silent installation, 506
Simple Mail Transfer Protocol. See SMTP
Simple Objects Access Protocol (SOAP), OPSEC option, 351
Simplified Mode, SecureClient VPN connection rules, 495
Single Entry Point (SEP) VPN configurations, 440, 520, 528 “533
site-to-site VPN, 439
SmartCenter installation, 60
SmartCenter Pro, 16
SmartConsole, installation, 61, 77
SmartDashboard
adding rules with, 195 “200
Address Translation tab, 262
customizing, 205
described, using, 25 “26
installation, 78
managing objects with, 160 “161
SmartDefense tab, 551
SmartDefense
Application Intelligence described, using, 560 “564
concurrent connection setting, 556
Cross Site Scripting tab, 562 “563
described, using, 23 “24
fingerprint scrambling options, 558
and IDS, 424
introduction to, 550 “551
updating, 565 “566
using, 551 “552
SmartDirectory (LDAP), 8
SmartLSM
described, using, 15 “16
installation, 63, 78
SmartMap
described, using, 28 “29
topology of objects, 162
using with Policy Editor, 26 “27
SmartUpdate
configuring option, 66
configuring tool, 205 “209
described, 6
described, using, 22 “23, 388 “389
installation, 63
Product of Repository, 23
SmartView Monitor
installation, 60
monitoring functions, 385
SmartView Reporter
creating reports to, 482
described, 10 “12
real-time status monitoring, 40
using, 42
SmartView Status
configuring tool, 211 “212
installation, 78
SmartView Tracker, 10
configuring tool, 209 “210
installation, 63, 78
interfacing with SAM, 427
monitoring firewall traffic with, 414
SMTP (Simple Mail Transfer Protocol)
and CVP resources, 324
described, 15, 527
resource, using, 188
resources, e-mail filtering, 351 “357
viruses that exploit, 38
sniffers, 257
SNMP
daemon (UNIX), 64
security policy settings, 235
vulnerabilities, 65
SOAP (Simple Objects Access Protocol), 351
Sofaware, 16, 60
Solaris
32-bit vs. 64-bit, 50
8 UltraSPARC, SmartConsole non-supported clients , 49
configuring VPN-1/FW-1 NG AI on, 114 “129
guidelines for securing OS, 53
installing VPN-1/FW-1 NG AI on Solaris, 104 “129
startup routing statements, 57
uninstalling VPN-1/FW-1 NG AI from, 129 “138
Solutions Fast Track
advanced VPN configurations, 546 “547
applying NAT, 279 “280
authenticating users, 315 “316
installing, configuring VPN-1/FW-1 NG, 153 “156
managing policies and logs, 408 “409
NG with AI, introduction, 41 “44
OPSEC and content filtering, 363 “366
securing remote clients, 511 “512
security policy, creating, 253 “255
SmartDefense, 567 “568
tracking and alerts, 430 “431
using the GUI, 213 “214
VPN configurations, 470 “471
SonicWall, 437
Spitzner, Lance, 424
spoofing
address, 559
anti-spoof configuration status, 552
IP addresses, 343
SSL (Security Sockets Layer), 8
SSO solutions and UA module, 13 “14
standards, security policy, 224
star configuration, VPN, 448 “449
starting
installation wizard, 152
SecuRemote GUI, 464
SmartDashboard, 160
state synchronization, 95, 525 “528, 547
Stateful ICMP, 183
Stateful Inspection
configuring, 204
technology, 9, 30 “31
static address translation, configuring, 266 “272
static destination rule, 269 “270
status alerting, configuring, 211 “212
Stealth Rule, 239
subnet calculators , Web sites, 168
subnets, configuring firewall interface with, 56
Sun Solaris OS, 20
SunTone Certified kernel, 111
SurfControl, 331
Suspicious Activities Monitoring (SAM), 321, 342, 415
Suspicious Activities Monitoring Protocol (SAMP), 424 “429
SVN Foundation
and improving performance, 382 “383
installing for Solaris installation, 106
installing on Nokia, 142 “144
removing, 101
uninstalling from Solaris installation, 134 “137
Symantec, 332
symmetric encryption, 435
SYN attacks, 556 “558
sync.conf file, 547
synchronizing
connections in cluster, 181
firewalls, 525 “528
state synchronization, 547
SYNDefender, 236
system requirements for VPN-1/FW-1 installation, 49
![Check Point NG[s]AI](/icons/blank_book.jpg "Check Point NG[s]AI"){kind=icon}