9/10/2012

Connecting to CheckPoint Security Mngm. Server with Smart Console R75.40 and


on the left side; Smart Dashboard which you installed on your windows pc and you are using it for connecting to your checkpoint server

on the right side; virtual checkpoint r75.40 security server.
Next.
After successful connection you should see SmartDashboard R75.40 Console.



















How to install Check Point R75 Secure Platform

I’m using this image file for the install – Check_Point_R75.Splat.iso which can be downloaded from the Check Point websiteand is fully operational for 15 days for you to evaluate. The good thing about the Check Point installations is that they are very similar between versions. So you can also follow this guide for earlier version. Let’s begin!
1. Insert the DVD or boot the ISO image and boot the server. You will be presented with the Check Point SecurePlatform installation.
2. In between the previous step and this step your hardware would of been scanned and either found suitable or unsuitable for Check Point SecurePlatform. You can also add drivers by clicking on Add Driver. Click Ok.
3. Select your keyboard type and click Ok.
4. In this lab I have two network cards connected to my Check Point gateway. eth0 is for outside or untrusted networks and eth1 is for internal or trusted networks. I want to configure the internal network card at this stage. Select your internal network card and click Ok.
5. Enter the IP address and subnet mask. Only enter inthe default gateway information if you are configuring the external interface, as I’m configuring the internal interface I will leave the Default Gateway blank. Click Ok.
6. I want to turn on the HTTPS secure web server and have it run on port 443. This is the default setting. Click Ok.
7. Your hard drives will now be formatted and the SecurePlatform operating system installed. Click Ok.
8. The install is now complete. As you can see you can login to the secure web server by browsing to https://192.168.10.50 which we will use later. Click Ok and the server will be rebooted.
9. When the server has rebooted you are presented with the login prompt at the console. The default username and password is admin and admin. Once you type this in you are prompted to change the password. Enter in a new password.
10. You have the option to change the admin username as well. In this tutorial I will be changing it to cpadmin.
11. The username has now been changed and you are prompted to run sysconfig to further configure the gateway and install Check Point products.
If you have any technical questions about this tutorial or any other tutorials on this site, please send write a comment or send me an email and I will be able to help you out.
We will now continue on with the Check Point R75 Installation tutorial where we will configure the rest of the gateway settings and install the Check Point products.
1. We have now completed the previous Part 1 of the tutorial and have just changed the admin username from admin to cpadmin and were prompted to run sysconfig for system and product configuration. Type sysconfig and press enter.
2. The wizard begins. Type n and press enter to proceed to the next screen.
3. First up we are presented with some network configuration options.
4. Press 1 for Host Name configuration and set a host name for the Check Point gateway. When you are finished type e and press enter to go back to the previous screen.
5. Press 2 and set a domain name for the Check Point gateway. When you are finished type e and press enter to go back to the previous screen.
6. Press 3 to setup DNS server for name resolution. When you are finished type e and press enter to go back to the previous screen.
7. Press 4 to enter into the Network configuration options. Since we have only configured the internal interface with an ip address, we’ll need to configure our external interface. Type 2 and press enter to configure a connection, select eth0 and configure your external ip address, subnet mask and default gateway. When you are finished type e and press enter to go back to the previous screen.
8. Pressing 5 and entering into the routing configuration menu allows you to either set a new default gateway or show the current default gateway. When you are finished type e and press enter to go back to the previous screen.
9. Type n and press enter to proceed to the next screen. In this screen we can set our time zone, date, local time and display the current time settings. Set this as per your location. When you are finished type n and press enter to proceed to the next screen.
10. As this is a brand new installation we do now have any import configuration files, so we can just press n for next.
11. We have finished with the SecurePlatform side and now we can start installing the Check Point products we will be using. It is important to note that you don’t need to install all the products in this step, you can come back at a later stage, type sysconfig and install the software that you wish to use. Press n for next.
12. Press y to access the License Agreement.
13. Select New Installation and press n for next.
14. In this tutorial we will just be installing Security Gateway, Security Management, SmartEvent and SmartReporter Suite, Management Portal and Mobile Access. Press n for next.
15. As this is the first Gateway we will select Primary Security Management. Press n for next.
16. We will just be installing SmartReporter and SmartEvent Server. Press n for next.
17. You are now displayed a brief summary of what products you have chosen to install. If you are happy press n for next otherwise feel free to go back and make changes.
18. The installation begins.
19. Once the installation is finished there are just a few more settings that are needed before the gateway is ready. If you have a license I would wait to use SmartUpdate later on to install them. I will not be adding any licenses now. Press n.
20. Yes we will want to add an administrator to this Security management server. Press y.
21. Type the new administrators username and password.
22. Yes we will want to define GUI clients to be able to manage this gateway. Press y.
23. I would like to add my internal subnet as a GUI client. I type in 192.168.10.0/255.255.255.0, press enter, then press ctrl-D. Lastly confirm this is correct by pressing y.
24. The Fingerprint of the Security Management Server is displayed. This can be used to verify that you are connecting to the correct server. You have an option to save this to a file. I won’t be saving this so I’ll type n.
25. The installation is now complete. You must reboot to put the settings into effect. Press Enter.
26. Type reboot and Y to confirm. Once your firewall has booted up, you can continue onto how to install the management tools and connect to the firewall.

Mini Lab for CheckPoint

1.Download and Install vmware or virtualbox (because CheckPoint firewall software is Linux based)
2.Download SmartConsole r75.40 for windows (also it is available for other OSs) and install it on your laptop or whereever you will use it as a manager pc.
3.hard part of this Download Checkpoint R75.40 splat.iso (try to find from checkpoint  web site it is a little hard to find it)
4.After downloading cp r75.40 splat iso I will talk about how to install it in your environment (virtualy or physicallly)


SmartConsole R75.40 Located

After installation of Smart Console R75.40 on a windows machine you can reach at all your consoles at Start--> All Programs--> Smart Console R75.40 .
 

Cisco ASA-1: Cisco ASA Features 


The Cisco ASA is the focus of the FIREWALL exam. Is the ASA a firewall? Yes. Is it more

than a firewall? Yes!

Even further, the ASA has many features that go beyond the basic firewall techniques, giving

it great versatility. A summary of the ASA features is presented in the following sections.

You should become familiar with these features, as you will need to be able to select

the appropriate ASA features and technologies on the exam, given some high-level design

criteria:




Stateful packet filtering engine: The SPF engine tracks connections and their


states, performing TCP normalization and conformity checks, as well as dynamic session

negotiation.




Application inspection and control: The AIC function analyzes application layer


protocols to track their state and to make sure they conform to protocol standards.




User-based access control: The ASA can perform inline user authentication followed


by Cut-through Proxy, which controls the access that specific users are allowed

to have. Once a user is authenticated, Cut-through Proxy also accelerates

inspection of a user’s traffic flows.




Session auditing: Accounting records can be generated for user-based sessions, as


well as for application layer connections and sessions.





Security Services Modules: The ASA platform supports several Security Services


Modules (SSM) that contain specialized hardware to offload processor-intensive security

functions. An ASA can contain one SSM, offloading either IPS or content security

services.




Reputation-based Botnet Traffic Filtering: An ASA can detect and filter traffic


involved with botnet activity on infected hosts. The Botnet Traffic Filter database

Feature Limitation



Protocol analysis and normalization Not available for all protocols or applications.

Deep and thorough content analysis Analysis might take too long for real-time traffic.

Access control over Layers 3 through 7 —

Can be permissive or restrictive Can require configuration on the clients.
 

 


Category-based URL filtering: An ASA can leverage an external URL filtering


server to enforce acceptable use policies and control user access to various types of

web services.




Cryptographic Unified Communications (UC) proxy: When Cisco Unified Communications


traffic must pass through an ASA, the ASA can be configured as an authorized

UC proxy. The ASA can then terminate and relay cryptographically

protected UC sessions between clients and servers.




Denial-of-service prevention: An ASA can leverage traffic-control features like


protocol normalization, traffic policing, and connection rate controls to minimize

the effects of denial-of-service (DoS) attacks.




Traffic correlation: The threat detection feature examines and correlates traffic


from many different connections and sessions to detect and block anomalies stemming

from network attacks and reconnaissance activity.




Remote access VPNs: An ASA can support secure VPN connections from trusted


users located somewhere on an untrusted network. Clientless SSL VPNs can be used

to offer a secure web portal for limited remote access to users, without requiring

VPN client software. For complete secure network access, full tunneling of all user

traffic is supported with either SSL VPNs or IPsec VPNs, which require VPN client

software. 




Site-to-site VPNs: An ASA can support IPsec VPN connections between sites or


enterprises. Site-to-site or LAN-to-LAN VPN connections are usually built between

firewalls or routers at each location. Site-to-site VPNs are covered in the


 


High availability failover clustering: Two identical ASA devices can be configured


to operate as a failover pair, making the ASA security functions redundant in case of

a hardware failure.




Redundant interfaces: To increase availability within a single ASA, interfaces can


be configured as redundant pairs so that one is always active, while the other takes

over after an interface hardware failure.




EtherChannel: Multiple ASA interfaces can be aggregated or bundled together as a


single logical interface. By connecting an EtherChannel between an ASA and a

switch, you can scale the bandwidth and offer additional redundancy.




Traffic and policy virtualization: An ASA can be configured to operate multiple


virtual instances or security contexts, each acting as an independent firewall. Each

virtual context has its own set of logical interfaces, security policies, and administrative

control.






Rich IP routing functionality: An ASA can forward traffic onto the local networks


connected to each of its interfaces without any additional IP routing information. It

can also be configured to use static routes or a dynamic routing protocol such as

RIPv1, RIPv2, EIGRP, and OSPF to make more complex routing decisions.






Powerful Network Address Translation (NAT): As an ASA inspects and forwards


packets, it can apply a rich set of NAT functions to alter source and destination addresses.




Transparent (bridged) operation: An ASA can be configured to operate as a transparent


firewall, effectively becoming a secure bridge between its interfaces. Transparent

firewall mode allows an ASA to be wedged into an existing network without

requiring any readdressing of the network.






Integrated DHCP, DDNS, and PPPoE: An ASA can be configured to act as a


DHCP client or a PPP over Ethernet (PPPoE) client to obtain a dynamic IP address for

its interfaces from the network, and as a Dynamic DNS (DDNS) client to record information

for hostname-to-address resolution. As well, an ASA can act as a DHCP server

to offer IP addressing services to other hosts on the network.






IPv6 support: An ASA can be configured to operate natively in an IPv6 network.




IP multicast support: An ASA can leverage the Internet Group Management Protocol


(IGMP) and the Protocol Independent Multicast (PIM) protocol to participate in

handling IP multicast traffic.




Management control and protocols: An ASA supports several different methods


of management control, including a console port, Telnet, Secure Shell (SSH), Secure

HTTP (HTTPS), and Simple Network Management Protocol (SNMP; Versions 1, 2c,

and 3). A dedicated out-of-band management port is also available. An ASA can send

event notifications using SNMP traps, NetFlow, and syslog.






Simple software management: An ASA supports a local file system and remote


file transfers for software upgrades. Software upgrades can be performed manually,

automatically, or in a zero-downtime fashion on a failover cluster of ASAs.






Configuration flexibility and scalability: Security policies and rules can be configured


using reusable objects. Through the Modular Policy Framework (MPF), security

features can be configured and applied in a flexible and versatile manner.




Cisco Security Management Suite: Multiple ASAs can be managed from the

Cisco Security Management Suite for ease of administration.

Installing Smart Console R75.40 on the Windows Machine

 
 
Just Select which consoles you want to be installed.Improved features and GUI on version R75.40.

Current Versions for CheckPoint


CheckPoint R75 Current Versions :   R75.40 (and also for Smart Console the same version )
Be carefull !!!
for  security management server and for smart console should be same version R75.40.

After Installation of Smart Console R75.20


 
These consoles are for managing CheckPoint Sec. Man. Server R75 Firewall on  Windows machine
You can use one of them or all of them for your needs.Just dont forget your CheckPoint Security Management Server ip address :) everything goes by "Smart" :)

Don't Forget install the "CheckPoint SmartConsole R75 for Windows" application 

if you will manage your checkpoint device thru windows machine.You can manage remotely your CP machine .You can manage thru this console; SmartDashboard, SmartView Monitor, SmartView Tracker,SmartUpdate, SmartProvisioning, Smart Reporter, SmartEvent,... (all the way goes with Smart).But you will use mostly "SmartDashboard"