Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LostBoY
Advisor

Define Policy - Best Practices

Hello,

When we deploy new firewalls there is a Standard Policy created.

Is it a best practice to create rules in the same standard policy or a separate policy should be created ?

If a separate policy is to be created than what is the Standard Policy used for ? 

 

Thanks

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

In a fresh installation, you need to have some policy package to start with.
Why the name Standard was chosen as the name, not sure.
It goes back to the beginnings of the product.
Whether you use the Standard policy package or create a different one to out your rules in, it's really up to you.
Generally people will create a new one with a more meaningful name.
HeikoAnkenbrand
Champion Champion
Champion

Hi @LostBoY 

After a "fresh install" the default policy ensures that access to the firewall is restricted:

source      destination     service
--------------------------------
any            fw                     443               GAIA WebGUI
any            fw                     22                 SSH
any            fw                     18191           Policy Install / SIC
any            fw                     18192           CPD_amon  (I'm not sure here anymore)
any            fw                     18211           CP_ica_push

More to communication ports here:
R80.x Ports Used for Communication by Various Check Point Modules

 

 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events