
Part 7 - Managing Security Policies

In the previous part, we started working with SmartConsole, which is the main administrative tool for creating and managing security policies.

In this session, we will be using SmartConsole to perform the following tasks:

 

  1. Set Anti-Spoofing and Security Zone parameters for Security Gateway network interfaces;
  2. Create various objects;
  3. Create and apply an Access Control policy on our Security Gateway.

 

Security Policies

There are four types of Security policies:

 

  1. Access Control: With the R80.x Unified Policy concept, this policy can use the Firewall, Application Control & URL Filtering, Content Awareness, and Mobile Access Software Blades.
  2. Threat Prevention: This includes the IPS, Anti-Virus, Threat Emulation, and Threat Extraction Software Blades.
  3. Desktop Security: This is not enabled by default and is only relevant for Remote Access VPN clients.
  4. QoS: Only relevant if the QoS blade is enabled.

 

In this lecture,

...
6 Comments
fjulianom
Advisor

Hi,

 

Do we need to put SMS as destination in rule 1 "Mgmt"? SMS and LanNetwork are in the same segment so packets don't cross the SG.

And do we need to create the Stealth rule? If we don't, that traffic will match the Cleanup rule and will be dropped anyway, preventing the unauthorized access to SMS and SG.

 

Regards,

Julián

YasTou
Explorer

Hello,

I followed the same steps as described from the beginning till part 8. I don't know why the ping doesn't wanna work to the server even if in the logs I can see the ping is going successfully. Also in part 8, I can't access the internet through my user PC, which is a Windows 7 virtual machine. I know that I'm missing something and I think it's related to the network configuration of the VMs. I'm using VMware Workstation. Can you please assist me on this?

_Val_
Admin

@YasTou sounds like you have misconfigured the lab. Check your network settings.

YasTou
Explorer

The assigning of the IP addresses is correct. I just want to know if the VMs are using the Host only option? If it is the case, then all the configuration that I've done is correct. If I need to do a bridging or something similar, it would be helpful if you show me how.

Thanks,

_Val_
Admin

@YasTou I have zero information of what you did and how. Look at the previous sessions and double-check if your VMs and networks are configured properly. If you cannot figure it out, you can always use our own virtual lab: https://community.checkpoint.com/t5/Check-Point-for-Beginners-2-0/Network-Security-Virtual-Labs/ba-p...

 

pepso100
Participant

Hi guys,

Is there something I can do with this msg?

(eval 30 days license may fix it?)

Thank you.

 
