Checkpoint Training

The document discusses Check Point's security architecture and products. It describes the key components of Check Point's architecture including Smart Console, Smart Center Server, and Security Gateway. It then discusses various software blades that provide firewall, VPN, IPS, antivirus, URL filtering, and other security functions. The document also covers security management blades that allow centralized management, monitoring, policy management and other functions.

©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and


Agenda

1 Check Point Architecture

2 Check Point Software Blades

3 Check Point Product

4 Backup & Restore of the Configuration

Check Point Architecture

1. Smart Console

2. Smart Center Server

3. Security Gateway

Stand-Alone Installation

Distributed Installation

Smart Console

Smart Console is comprised of server clients, used to manage NGX Components

Smart Console Components:

• Smart Dashboard
• Smart View Tracker
• Smart View Monitor
• Smart Event
• Smart Update

Smart Dashboard

Log Collection and Tracking Process

Smart View Tracker

1. Network & Endpoint, Active and Management (fw.log; fw.adtlog)
2. Query Tree
3. Query Properties
4. Records

Smart View Monitor

Smart Event
Timelines – See real time information, trends, and anomalies at a glance.

Charts – View event statistics in bar charts or pie graphs.

Maps – Locate source or destination IP on a world map.

Forensics – Drill down by double clicking on Timelines, Charts or Maps.

Group By – Group events based on severity, source, destination or other fields.

Ticketing – Assign events to administrators for analysis

ClientInfo – Right click IP address to see processes, hotfixes, and vulnerabilities

User Identification – Every log can be associated with Active Directory user names.

Monitor Only what is Important!

Timeline view
• Number and severity of attacks over time
• Simple mouse-click drill down to forensic analysis
• Customizable – allows user to define his own timelines

Recent critical events
• At-a-glance view of recent critical events
• Simple mouse-click drill down to forensic analysis


Additional Capabilities

Display activity by geography

View Event Statistics with over 25 Charts

On-Line Charts

Can be viewed by different criteria such as Severity, Event Name, Source, Destination

SmartEvent DLP Support

Smart Update

Our new security architecture

Software Blades from Check Point


Total Security
Complete Security & Management Portfolio

Security Gateway Blades

Security Gateway Blades
Firewall – World's most proven firewall secures more than 200 applications, protocols and services featuring the most adaptive and intelligent inspection technology.

IPsec VPN – Secure connectivity for offices and end users via sophisticated but easy to manage Site-to-Site VPN and flexible remote access.

IPS – The highest performing integrated IPS solution with the industry's best threat coverage.

Web Security – Advanced protection for the entire Web environment featuring the strongest protection against buffer-overflow attacks.

URL Filtering – Best-of-breed Web filtering covering more than 20 million URLs protects users and enterprises by restricting access to dangerous Web sites.

Antivirus & Anti-Malware – Leading antivirus protection including heuristic virus analysis stops viruses, worms and other malware at the gateway.

Anti-Spam & Email Security – Multi-dimensional protection for the messaging infrastructure stops spam, protects servers and eliminates attacks through email.

Advanced Networking – Adds dynamic routing, multicast support and Quality of Service (QoS) to security gateways.

Acceleration and Clustering – Patented SecureXL and ClusterXL technologies provide wire speed packet inspection, high availability and load sharing.

Voice over IP – Advanced connectivity and security features for VoIP deployments, featuring enhanced Rate Limiting protections, Far end NAT and inspection of SIP TLS.

Total Security
Complete Security & Management Portfolio

Security Management Blades

Network Policy Management – Comprehensive network security policy management for Check Point gateways and blades via Smart Dashboard, a single, unified console.

Endpoint Policy Management – Centrally deploy, manage, monitor and enforce security policy for all endpoint devices across any sized organization.

Monitoring – A complete view of network and security performance, enabling fast response to changes in traffic patterns and security events.

Management Portal – Extends a browser-based view of security policies to outside groups such as support staff while maintaining central policy control.

User Directory – Enables Check Point gateways to leverage LDAP-based user information stores, eliminating the risks associated with manually maintaining and synchronizing redundant data stores.

IPS Event Analysis – Complete IPS event management system providing situational visibility, easy to use forensic tools, and reporting.

Smart Provisioning – Provides centralized administration and provisioning of Check Point security devices via a single management console.

Smart Workflow – Provides a formal process of policy change management that helps administrators reduce errors and enhance compliance.

Reporting – Turns vast amounts of security and network data into graphical, easy-to-understand reports.

Event Correlation – Centralized, real-time security event correlation and management for Check Point and third-party devices.

Logging & Status – Comprehensive information in the form of logs and a complete visual picture of changes to gateways, tunnels, remote users and security activities.

Inspect Engine

Policy Installation Overview

SIC

• SIC (Secure Internal Communication) is used to set up a secure communication channel between the Check Point nodes (such as Security Management server, gateways or OPSEC modules)
• Certificates for authentication
• 3DES for encryption

Check Point Product

Check Point 4800:
Enterprise-Grade, High-End Features

True Serviceability with Rich Connectivity

• Hot-swappable redundant power supplies
• Variety of network interface expansions
• Same cards for 4000 and 12000 appliances
• Copper and fiber (1GE / 10GE)
• Out-of-band management (LOM)
• 8x1GE onboard ports
• Graphic LCD display

©2012 Check Point Software Technologies Ltd. | [PROTECTED] – All rights reserved

4000 & 12000 IO Cards Modularity
A broad range of supported line cards:

4x 100BaseT (All Models)

4x Fiber Optic (All Models)

2x 10GBaseF (4800 and Higher)

8x 1000BaseT (4800 and higher)

4x 10GBaseF (12200 and higher)

Software Blades

Smart-1 Appliances for Smart Event

• Smart-1 SmartEvent 5
• Smart-1 SmartEvent 25b
• Smart-1 SmartEvent 50

Backup & Restore Configuration

There are two ways to take the backup:

• Graphical User Interface (GUI)

• Command Line Interface (CLI)

Graphical User Interface (GUI)

• Log in to the Gateway/Management via web browser.
• Go to the Appliance tab and select the Backup & Restore option.
• Select Backup and start the backup.
• Specify the file name; there are five options for where to store the file.
• Before taking the backup, make sure that your GUI clients are disconnected from the Smart Center.

Command Line Interface (CLI)

• Backup Tool (upgrade_export)
• Located at $FWDIR/bin/upgrade_tools
• Usage: upgrade_export [-d] [-h] [-v] <exported file name>

Where:
• <exported file name> - the path to export the DB
• -d - prints debug information
• -h - prints this usage
• -v - prints the version

• Restore Tool (upgrade_import)
• Located at $FWDIR/bin/upgrade_tools
• Usage: upgrade_import [-d] [-h] <path>

Where:
• <path> - The location of the exported file
• -v - Prints the version
• -d - Prints debug information
• -h - Prints this usage
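
An added example, not part of the original slides or of Check Point's tooling: a POSIX shell wrapper around the upgrade_export call above that stores the export with owner-only permissions and a SHA-256 sidecar, plus a check to run before upgrade_import. The function names, the EXPORT_TOOL override, the file naming, the use of sha256sum and the handling of a possible .tgz suffix are assumptions.

```shell
#!/bin/sh
# Added example (not Check Point code). Assumes sha256sum is available.

# cp_export DEST_DIR: run the export, lock the file down, write a hash sidecar.
# Prints the archive path on stdout. Runs in a subshell so umask/cd stay local.
cp_export() (
    dest_dir=$1
    # EXPORT_TOOL is a hypothetical override; the default is the slide's path.
    tool=${EXPORT_TOOL:-$FWDIR/bin/upgrade_tools/upgrade_export}
    command -v "$tool" >/dev/null 2>&1 || { echo "export tool not found: $tool" >&2; exit 2; }

    umask 077    # the export holds the management database: owner-only access
    mkdir -p "$dest_dir" || exit 2
    base="$dest_dir/mgmt_export_$(date +%Y%m%d_%H%M%S)"

    # Tool messages go to stderr so stdout carries only the archive path.
    "$tool" "$base" >&2 || { echo "upgrade_export failed" >&2; exit 1; }

    # Assumption: the tool may append .tgz to the name it was given.
    if   [ -s "$base.tgz" ]; then archive="$base.tgz"
    elif [ -s "$base" ];     then archive="$base"
    else echo "no archive produced" >&2; exit 1
    fi

    chmod 600 "$archive"
    name=$(basename "$archive")
    cd "$dest_dir" || exit 1
    sha256sum "$name" > "$name.sha256" || exit 1
    echo "$archive"
)

# cp_verify ARCHIVE: succeed only if the archive still matches its sidecar.
# Run it on the restore host before handing the file to upgrade_import.
cp_verify() (
    cd "$(dirname "$1")" || exit 1
    sha256sum -c "$(basename "$1").sha256" >/dev/null 2>&1
)
```

Copy the .sha256 file alongside the archive when moving it off the box, and keep a second copy of the hash somewhere the backup storage cannot overwrite.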

Thank You

Questions?
