kapuranirudh
Explorer

Need help in preparing benchmark documents for Checkpoint firewall

Hi All,

Can anyone help me and tell me the "RISK factors" for the following benchmark conditions:

Ensure Password Minimum length is set
Ensure Password Syntax: Character Types is set
Ensure Password Syntax: ID within Password is set
Ensure Maximum signon attempts is set
Ensure Lockout duration is set
Ensure Reset account lockout counter after
User login to system/device
User logout from system/device
Retention of created log files
Connection matched by SAM
VPN packet handling errors
VPN configuration & key exchange errors
IP Options drop
File Transfer Protocol (FTP)
Unused Interfaces access
Dynamic routing protocols
ICMP virtual session timeout
Accept stateful UDP replied for unknown services
Accept Stateful ICMP replies
Accept Stateful ICMP errors
Drop and log out of state packets
Drop and log out of state ICMP packets
Explicit firewall management rules present
Accept Remote Access Control connections
Accept outgoing packets originating from Gateway
Accept Web and SSH connections for Gateway's administration
Accept incoming traffic to DHCP and DNS services of gateways
Accept Dynamic Address modules' outgoing Internet connections
IPsec VPN
SSL VPN
IPS
Web Security URL Filtering
Anti-virus and Anti Malware
Anti-Spam and Email Security
Acceleration and Clustering
Voice over IP
Data loss Prevention
Application Control
Logging

 

Sorry, the list is long, but if you could help me I will be grateful to you, thanks..!!

 

0 Kudos
4 Replies
PhoneBoy
Admin

It’s not clear what you mean by “Risk Factors” here.
This also looks like a mix of Global Properties, OS settings, etc.
Can you provide some context around the question?
0 Kudos
kapuranirudh
Explorer

Hi, thanks for your reply. I wanted to know what happens if the particular settings above are not configured on a Check Point firewall, and what the risk to the firewall could then be. Example: if "Password Minimum length is set" is not followed, then "anyone can easily guess the passwords and control the incoming and outgoing traffic to a firewall."

As I am a novice in this field, I hope I am now able to explain my question properly to you. Thanks
0 Kudos
G_W_Albrecht
Legend

You really have just put together a confusing mix of buzzwords, but no benchmark conditions:

Ensure ... is something to do to meet standards

- VPN packet handling errors are not RISK factors
- VPN configuration & key exchange errors are not RISK factors
- IP Options drop is not a RISK factor
- File Transfer Protocol (FTP) is no RISK factor if configured appropriately

- IPsec VPN is a SW blade, no RISK factor
- SSL VPN is a SW blade, no RISK factor
- IPS is a SW blade, no RISK factor

Also SW blades, and no RISK factors, are:

- URL Filtering
- Anti-virus and Anti Malware
- Anti-Spam and Email Security
- Acceleration and Clustering
- Data loss Prevention
- Application Control
- Logging

I would rather suggest doing the CCSA and the CCSE certification, study the documentation and suddenly, most of it may be very clear to you 😁 !

CCSE CCTE CCSM SMB Specialist
0 Kudos
FedericoMeiners
Advisor

Many points of this list are just configurations that achieve certain functionality; therefore, many of them don't pose a risk if you don't set them up.

For example: Dynamic routing, IPSec VPN, among others.

You should focus on the risk of not using security features such as IPS, or the potential security risks of using Dynamic routing.

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
