Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Check Point Firewall Administration R81.10+
  • Table Of Contents Toc
Check Point Firewall Administration R81.10+

Check Point Firewall Administration R81.10+

By : Vladimir Yakovlev
4.9 (9)
Buy this Book
close
close
Check Point Firewall Administration R81.10+

Check Point Firewall Administration R81.10+

4.9 (9)
By: Vladimir Yakovlev
Buy this Book

Overview of this book

Check Point firewalls are the premiere firewalls, access control, and threat prevention appliances for physical and virtual infrastructures. With Check Point’s superior security, administrators can help maintain confidentiality, integrity, and the availability of their resources protected by firewalls and threat prevention devices. This hands-on guide covers everything you need to be fluent in using Check Point firewalls for your operations. This book familiarizes you with Check Point firewalls and their most common implementation scenarios, showing you how to deploy them from scratch. You will begin by following the deployment and configuration of Check Point products and advance to their administration for an organization. Once you’ve learned how to plan, prepare, and implement Check Point infrastructure components and grasped the fundamental principles of their operation, you’ll be guided through the creation and modification of access control policies of increasing complexity, as well as the inclusion of additional features. To run your routine operations infallibly, you’ll also learn how to monitor security logs and dashboards. Generating reports detailing current or historical traffic patterns and security incidents is also covered. By the end of this book, you'll have gained the knowledge necessary to implement and comfortably operate Check Point firewalls.
Table of Contents (21 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the example code files
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Legal disclaimer
Icon
Share your thoughts
1
Part 1: Introduction to Check Point, Network Topology, and Firewalls in Your Infrastructure and Lab
Icon
Part 1: Introduction to Check Point, Network Topology, and Firewalls in Your Infrastructure and Lab
Lock Free Chapter
2
Chapter 1: Introduction to Check Point Firewalls and Threat Prevention Products
chevron up
Icon
Chapter 1: Introduction to Check Point Firewalls and Threat Prevention Products
Icon
Technical requirements
Icon
Learning about Check Point's history and the current state of the technology
Icon
Understanding the Check Point product lineup and coverage
Icon
Introducing the Unified Management concepts and the advantages of security product consolidation
Icon
Familiarization with the Security Management Architecture (SMART)
Icon
Determining how we learn
Icon
Navigating the Check Point User Center
Icon
Summary
Icon
Further reading
3
Chapter 2: Common Deployment Scenarios and Network Segmentation
Icon
Chapter 2: Common Deployment Scenarios and Network Segmentation
Icon
Understanding your network topology
Icon
Learning about network segmentation
Icon
Protecting the core
Icon
Protecting the perimeter
Icon
Sizing appliances for new implementations and determining load on current systems
Icon
Summary
Icon
Further reading
4
Chapter 3: Building a Check Point Lab Environment – Part 1
Icon
Chapter 3: Building a Check Point Lab Environment – Part 1
Icon
Technical requirements
Icon
Lab topology and components
Icon
Downloading the prerequisites
Icon
Installing Oracle VirtualBox
Icon
Deploying the VyOS router
Icon
Summary
5
Chapter 4: Building a Check Point Lab Environment – Part 2
Icon
Chapter 4: Building a Check Point Lab Environment – Part 2
Icon
Technical requirements
Icon
Creating a Windows base VM
Icon
Creating a Check Point base VM
Icon
Creating linked clones
Icon
Summary
6
Part 2: Introduction to Gaia, Check Point Management Interfaces, Objects, and NAT
Icon
Part 2: Introduction to Gaia, Check Point Management Interfaces, Objects, and NAT
7
Chapter 5: Gaia OS, the First Time Configuration Wizard, and an Introduction to the Gaia Portal (WebUI)
Icon
Chapter 5: Gaia OS, the First Time Configuration Wizard, and an Introduction to the Gaia Portal (WebUI)
Icon
Technical requirements
Icon
Learning about Gaia's roots – a historical note
Icon
Using the First Time Configuration Wizard
Icon
Introduction to the Gaia Portal (WebUI)
Icon
Summary
8
Chapter 6: Check Point Gaia Command-Line Interface; Backup and Recovery Methods; CPUSE
Icon
Chapter 6: Check Point Gaia Command-Line Interface; Backup and Recovery Methods; CPUSE
Icon
Learning about the Check Point Gaia CLI
Icon
Introduction to Expert mode
Icon
Configuring Gaia using CLISH
Icon
Saving Gaia configuration, backups, snapshots, and migration tools
Icon
Saving and loading the configuration
Icon
Offline configuration editing and comparison
Icon
Using CPUSE
Icon
Summary
9
Chapter 7: SmartConsole – Familiarization and Navigation
Icon
Chapter 7: SmartConsole – Familiarization and Navigation
Icon
Technical requirements
Icon
Introduction to the SmartConsole application and Demo Mode
Icon
SmartConsole components, capabilities, and navigation
Icon
Summary
10
Chapter 8: Introduction to Policies, Layers, and Rules
Icon
Chapter 8: Introduction to Policies, Layers, and Rules
Icon
Access Control policies, layers, and rules
Icon
Packet flows and acceleration
Icon
Best practices for Access Control rules
Icon
APCL/URLF layer structure
Icon
Logs, tracking depth, and oddities
Icon
Summary
11
Chapter 9: Working with Objects – ICA, SIC, Managed, Static, and Variable Objects
Icon
Chapter 9: Working with Objects – ICA, SIC, Managed, Static, and Variable Objects
Icon
Working with objects
Icon
Object categories
Icon
Introduction to Internal Certificate Authority and Secure Internal Communication
Icon
Gateways and servers
Icon
Creating networks and Host objects
Icon
Variable objects
Icon
Summary
12
Chapter 10: Working with Network Address Translation
Icon
Chapter 10: Working with Network Address Translation
Icon
The need for NAT
Icon
NAT policies, rules, and processing orders
Icon
Automatic NAT
Icon
When NAT is not enough
Icon
NAT logging
Icon
Summary
13
Part 3: Introduction to Practical Administration for Achieving Common Objectives
Icon
Part 3: Introduction to Practical Administration for Achieving Common Objectives
14
Chapter 11: Building Your First Policy
Icon
Chapter 11: Building Your First Policy
Icon
Defining the access control policy structure
Icon
Creating rules for the firewall/networking layer
Icon
Creating the APCL/URLF layer and rules
Icon
Using Identity Awareness and access roles
Icon
Summary
15
Chapter 12: Configuring Site-to-Site and Remote Access VPNs
Icon
Chapter 12: Configuring Site-to-Site and Remote Access VPNs
Icon
An introduction to site-to-site VPN capabilities
Icon
Configuring a remote gateway and creating its policy
Icon
Building a site-to-site VPN using gateways managed by the same management server
Icon
An introduction to Check Point remote access VPN solutions
Icon
Configuring a remote access IPSec VPN
Icon
Summary
16
Chapter 13: Introduction to Logging and SmartEvent
Icon
Chapter 13: Introduction to Logging and SmartEvent
Icon
Logging into a single security domain
Icon
Introduction to SmartEvent
Icon
Summary
17
Chapter 14: Working with ClusterXL High Availability
Icon
Chapter 14: Working with ClusterXL High Availability
Icon
ClusterXL in HA mode
Icon
ClusterXL HA failover simulations
Icon
Alternative preferred HA options
Icon
Summary
18
Chapter 15: Performing Basic Troubleshooting
Icon
Chapter 15: Performing Basic Troubleshooting
Icon
Troubleshooting constraints and your actions
Icon
Typical issues and the tools to solve them
Icon
Service Requests – getting them right every time
Icon
Community resources and engagements
Icon
Postmortems and lessons learned
Icon
Summary
19
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share your thoughts
1
Appendix: Licensing
Icon
Appendix: Licensing
Icon
Licensing
Icon
Licensing for gateways
Icon
Licensing for management servers
Icon
Central and local licenses
Icon
License activation
Icon
Evaluation licenses for the lab
Icon
SmartUpdate and additional information
Icon
Why subscribe?

Navigating the Check Point User Center

The Check Point User Center is the portal for access to a variety of resources, and the place where you will create or manage your Check Point accounts, users, and products. It is also a place where you generate and download licenses and support contracts.

It is accessible at https://usercenter.checkpoint.com.

Figure 1.9 – User Center

Figure 1.9 – User Center

We will be using the ASSETS/INFO and TRY OUR PRODUCTS sections to obtain and maintain our lab licenses as we go through the book.

From the User Center, you can get to Support Center, a place where you can open and manage Service Requests (SRs), report security issues, subscribe to or access the PRO Support portal (a proactive monitoring and reporting service), and gain access to the technical documentation, alerts, subscriptions, product downloads, and search capabilities across SecureKnowledge articles, downloads, documentation, and CheckMates community posts and discussion threads.

The following screenshot shows Support Center:

Figure 1.10 – Support portal

Figure 1.10 – Support portal

Both portals are interlinked, but if you know what you need, it is simpler to get to the right place through a corresponding link.

The Support Center may be accessed at https://supportcenter.checkpoint.com.

Important Note

While it is not necessary to register with Check Point in order to download and try their firewall product, this trial will be limited to 15 days. To extend it beyond the initial 15 days, you will have to go through the registration process to request a trial or lab license(s).

Since we must learn how to register and manage users and accounts and how to license the product, we will now start with the registration process.

Follow these steps to register as a portal user and create an account:

  1. In your browser, go to https://usercenter.checkpoint.com.
  2. When prompted with the Sign In screen, click on Sign Up Now.
Figure 1.11 – Sign Up Now

Figure 1.11 – Sign Up Now

Populate the fields with your information and then click Submit.

Figure 1.12 – Sign Up; user information

Figure 1.12 – Sign Up; user information

  1. The Success! popup will appear; check your mailbox to continue.
  2. Click on Confirm Email in the body of the message.
  3. Create and confirm a suitably strong password using a combination of uppercase and lowercase letters, numbers, and symbols and then click Submit.
  4. Click Sign In.
  5. Enter your username (the same as the email in step 2 and the password from step 5) and then click Sign In.
  6. Once you are logged in for the first time, click on your username in the top-right portion of the screen and then click on the Security shield icon on the left to configure the Multifactor Authentication (MFA).
Figure 1.13 – Securing User Center access

Figure 1.13 – Securing User Center access

  1. Toggle the 2-Step Verification switch to the On position:
Figure 1.14 – Turning on 2-Step Verification

Figure 1.14 – Turning on 2-Step Verification

  1. Enter your mobile phone number, verify that the Text Message option is selected, and then click Verify Phone.
  2. Enter the code received via text message and then click Activate.
  3. Your phone number is now shown as Verified. Click on the Display Backup codes arrow.
Figure 1.15 – Backup codes for 2FA

Figure 1.15 – Backup codes for 2FA

  1. Click on Generate New Backup codes. When backup codes are displayed, click Print. If you do not have a printer connected, print codes to PDF. Click Close.
  2. In the Authenticator App section, click the arrow to the right of Set Up.
  3. Choose your mobile phone platform and then click Next.
  4. If you do not have an authentication application on your phone, install either Microsoft Authenticator or Google Authenticator or your preferred MFA application. When installed, or if already available, add the new account to it by scanning the QR code and then click Next.
  5. If the scan fails (observed on very high-resolution monitors with particular brightness and contrast), click on CAN'T SCAN IT?, manually enter the key into the authentication manager, and then click Next.
  6. Enter the dynamically generated one-time code and click Next. Note the time remaining for the action on your phone while doing it.
  7. The authentication app now becomes the default method for the second factor. Let's look at the following screenshot:
Figure 1.16 – Authentication app as the default 2FA

Figure 1.16 – Authentication app as the default 2FA

We can now securely log on to the User Center and access its resources.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Check Point Firewall Administration R81.10+
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon