Checkpoint Training

©2010 Check Point Software Technologies Ltd.
| [Restricted] ONLY for designated groups and

Agenda
1 Check Point Architecture
2 Check Point Software Blades
33 Check Point Product
Backup & Restore of the

4
Configuration
©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and 2
Agenda

4
Configuration
Check Point Architecture
1. Smart Console
2. Smart Center Server
3. Security Gateway
Stand-Alone Installation
Distributed Installation
Smart Console
Smart Console is comprised of server clients , used to

manage NGX Components
Smart Console Components:-
• Smart Dashboard
• Smart View Tracker
• Smart View Monitor
• Smart Event
• Smart Update
Smart Dashboard
Log Collection and Tracking Process
Smart View Tracker
1. Network & Endpoint, Active and Management (fw.log; fw.adtlog)

2. Query Tree
3. Query Properties
4. Records
Smart View Monitor
Smart Event
Timelines – See real time information, trends, and anomalies at a glance.
Charts – View event statistics in bar charts or pie graphs.
Maps – Locate source or destination IP on a world map.
Forensics – Drill down by double clicking on Timelines, Charts or Maps.
Group By – Group events based on severity, source, destination or other fields.
Ticketing – Assign events to administrators for analysis
ClientInfo – Right click IP address to see processes, hotfixes, and vulnerabilities
User Identification – Every log can be associated with Active Directory user names.
Monitor Only what is Important!
Timeline view
 Number and
severity of attacks
Monitor what is
over time
 Simple mouse- Important
click drill down to
forensic analysis
 Customizable –
Recent critical events
allows user to
define his own
timelines
Recent
critical events
 At-a-glance view
of recent Timeline view
critical events
 Simple mouse-
click drill down to
forensic analysis
©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 13

Additional Capabilities
Display activity by geography
View Event Statistics with over 25 Charts
On-Line Charts
Can be viewed by
different criteria
such as:
Severity
Event Name,
Source,
Destination
SmartEvent DLP Support
Smart Update
Agenda

4
Configuration
Our new security architecture
softwareblades from Check Point

Total Security
Complete Security & Management Portfolio
Security Gateway Blades
Security Gateway Blades
Firewall  World's most proven firewall secures more than 200 applications, protocols and services featuring the
most adaptive and intelligent inspection technology.
IPsec VPN  Secure connectivity for offices and end users via sophisticated but easy to manage Site-to-Site VPN
and flexible remote access.
IPS  The highest performing integrated IPS solution with the industry's best threat coverage
Web Security  Advanced protection for the entire Web environment featuring the strongest protection against
buffer-overflow attacks.
URL Filtering  Best-of-breed Web filtering covering more than 20 million URLs protects users and enterprises by
restricting access to dangerous Web sites.
Antivirus & Anti-Malware  Leading antivirus protection including heuristic virus analysis stops viruses, worms
and other malware at the gateway
Anti-Spam & Email Security  Multi-dimensional protection for the messaging infrastructure stops spam, protects
servers and eliminates attacks through email.
Advanced Networking  Adds dynamic routing, multicast support and Quality of Service (QOS) to security
gateways.
Acceleration and Clustering  Patented SecureXL and ClusterXL technologies provide wire speed packet
inspection, high availability and load sharing.
Voice over IP  Advanced connectivity and security features for VoIP deployments, featuring enhanced Rate
Limiting protections, Far end NAT and inspection of SIP TLS.
[Restricted] ONLY for designated groups and 22
Event Correlation
Reporting
SmartWorkflow
SmartProvisioning
Security Management Blades
IPS Event Analysis
|
©2010 Check Point Software Technologies Ltd.
Complete Security & Management Portfolio
User Directory
Management Portal
Monitoring
Total Security
Logging & Status

Endpoint Policy Management
Network Policy Management
Security Management Blades
Network Policy Management  Comprehensive network security policy management for Check Point gateways and blades via Smart Dashboard, a
single, unified console
Endpoint Policy Management  Centrally deploy, manage, monitor and enforce security policy for all endpoint devices across any sized
organization.
Monitoring  A complete view of network and security performance, enabling fast response to changes in traffic patterns and security events.
Management Portal  Extends a browser-based view of security policies to outside groups such as support staff while maintaining central policy
control
User Directory  Enables Check Point gateways to leverage LDAP-based user information stores, eliminating the risks associated with manually
maintaining and synchronizing redundant data stores.
IPS Event Analysis  Complete IPS event management system providing situational visibility, easy to use forensic tools, and reporting.
Smart Provisioning  Provides centralized administration and provisioning of Check Point security devices via a single management console.
Smart Workflow  Provides a formal process of policy change management that helps administrators reduce errors and enhance compliance.
Reporting  Turns vast amounts of security and network data into graphical, easy-to-understand reports.
Event Correlation  Centralized, real-time security event correlation and management for Check Point and third-party devices.
Logging & Status  Comprehensive information in the form of logs and a complete visual picture of changes to gateways, tunnels, remove users and
security activities
Inspect Engine
Policy Installation Overview
SIC
• SIC is used to setup a Secure Communication Channel between the Check Point nodes
(such as Security Management server, gateways or OPSEC modules)
• Certificates for authentication
•3DES for encryption.
Agenda

4
Configuration
Check Point Product
Check Point 4800:
Enterprise-Grade, High-End Features
 Hot-swappable
redundant power
supplies
True Serviceability with Rich Connectivity

 Variety of network interface expansions  Out-of-band management (LOM )
 Same cards for 4000 and  8x1GE onboard ports
12000 appliances
 Graphic LCD
 Copper and fiber (1GE / 10GE) display
©2012 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved 29
4000 & 12000 IO Cards Modularity
A broad range of supported line cards:
4x 100BaseT (All Models)
4x Fiber Optic (All Models)
2x 10GBaseF (4800 and Higher)
8x 1000BaseT (4800 and higher)
4x 10GBaseF (12200 and higher)
Software Blades
Smart-1 Appliances for Smart Event
Smart-1 Smart-1 Smart-1

SmartEvent 5 SmartEvent 25b SmartEvent 50
Agenda

4
Configuration
Backup & Restore
Configuration
There are two options to take the backup.
• Graphical user Interface
• CLI
Graphical User Interface(GUI)
• Login to the Gateway/Management via web

browser.
• Go to the tab Appliance and select the option
Backup & Restore.
• Select the Backup and start Backup.
Graphical User Interface(GUI)
• Specify the Filename name and they are Five option to store
that file.
• Before taking the backup make sure that your GUI clients are
disconnected from Smart center.
Command Line Interface(CLI)
• Backup Tool (upgrade_export)

• Located at $FWDIR/bin/upgrade_tools
•Usage: upgrade_export [-d] [-h] [-v] <exported file name>
Where:
•<exported file name> - the path to export the DB
•-d - prints debug information
•-h - prints this usage
•-v - prints the version
• Restore Tool (upgrade_import)

• Located at $FWDIR/bin/upgrade_tools
•Usage: upgrade_import [-d] [-h] <path>
Where:
•<path> - The location of the exported file
•-v - Prints the version
•-d - Prints debug information
•-h - Prints this usage
Thank You
Questions?

Checkpoint Training

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Checkpoint Training

Uploaded by

Copyright:

Available Formats

©2010 Check Point Software Technologies Ltd.

| [Restricted] ONLY for designated groups and

1 Check Point Architecture

2 Check Point Software Blades

33 Check Point Product

Backup & Restore of the

1 Check Point Architecture

2 Check Point Software Blades

33 Check Point Product

Backup & Restore of the

2. Smart Center Server

Smart Console is comprised of server clients , used to

Smart Console Components:-

1. Network & Endpoint, Active and Management (fw.log; fw.adtlog)

Charts – View event statistics in bar charts or pie graphs.

Maps – Locate source or destination IP on a world map.

Forensics – Drill down by double clicking on Timelines, Charts or Maps.

Group By – Group events based on severity, source, destination or other fields.

Ticketing – Assign events to administrators for analysis

ClientInfo – Right click IP address to see processes, hotfixes, and vulnerabilities

©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 13

Display activity by geography

1 Check Point Architecture

2 Check Point Software Blades

33 Check Point Product

Backup & Restore of the

softwareblades from Check Point

Security Gateway Blades

IPS Event Analysis

Logging & Status

•3DES for encryption.

1 Check Point Architecture

2 Check Point Software Blades

33 Check Point Product

Backup & Restore of the

True Serviceability with Rich Connectivity

4x 100BaseT (All Models)

4x Fiber Optic (All Models)

2x 10GBaseF (4800 and Higher)

8x 1000BaseT (4800 and higher)

4x 10GBaseF (12200 and higher)

Smart-1 Smart-1 Smart-1

1 Check Point Architecture

2 Check Point Software Blades

33 Check Point Product

Backup & Restore of the

There are two options to take the backup.

• Graphical user Interface

• Login to the Gateway/Management via web

• Backup Tool (upgrade_export)

•Usage: upgrade_export [-d] [-h] [-v] <exported file name>

•-d - prints debug information

•-h - prints this usage

•-v - prints the version

• Restore Tool (upgrade_import)

•Usage: upgrade_import [-d] [-h] <path>

•-v - Prints the version

•-d - Prints debug information

•-h - Prints this usage

You might also like