This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
kapuranirudh
Explorer
‎2019-10-10 12:09 AM

Need help in preparing benchmark documents for Checkpoint firewall

Hi All,

Can anyone help me and tell me the "RISK factors" for the following benchmark conditions:

Ensure Password Minimum length is set
Ensure Password Syntax: Character Types is set
Ensure Password Syntax: ID within Password is set
Ensure Maximun signon attempts is set
Ensure Lockout duration is set
Ensure Reset account lockout counter after
User login to system/device
User logoout from system/device
Retention of created log files
Connection matched by SAM
VPN packet handling errors
VPN configuration & key exchange errors
IP Options drop
File Transfer Protocol (FTP)
Unused Interfaces access
Dynamic routing protocols
ICMP virtual session timeout
Accept stateful UDP replied for unknown services
Accept Stateful ICMP replies
Accept Stateful ICMP errors
Drop and log out of state packets
Drop and log out of state ICMP packets
Explicit firewall management rules present
Accept Remote Access Control connections
Accept outgoing packets originating from Gateway
Accept Web and SSH connections for Gateway's administration
Accept incoming traffic to DHCP and DNS services of gateways
Accept Dynamic Address modules' outgoing Internet connections
IPsec VPN
SSL VPN
IPS
Web Security URL Filtering
Anti-virus and Anti Malware
Anti-Spam and Email Security
Acceleration and Clustering
Voice over IP
Data loss Prevention
Application Control
Logging

 

Sorry, the list is long, but if you could help me I will be grateful to you, thanks..!!

 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2019-10-11 06:30 PM

It’s not clear what you mean by “Risk Factors” here.
This also looks like a mix of Global Properties, OS settings, etc.
Can you provide some context around the question?
0 Kudos
kapuranirudh
Explorer
‎2019-10-22 05:29 AM
In response to PhoneBoy

Hi, Thanks for your reply, I wanted to know what happens if the above particular settings are not configured on a checkpoint firewall, then what could be the risk to the firewall. Example: If "Password Minimum length is set" is not followed then "anyone can easily guess the passwords and control the incoming and outgoing traffic to a firewall."

As I am a novice in this field so I hope now I am able to explain my question properly to you. Thanks
0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2019-10-22 06:13 AM
In response to kapuranirudh

You really have just put together a confusing mix of buzzwords, but no benchmark conditions:

Ensure ... is something to do to meet standards

- VPN packet handling errors are not RISK factors
- VPN configuration & key exchange errors are not RISK factors
- IP Options drop are not RISK factors
- File Transfer Protocol (FTP) is no RISK factors if configured appropriately 

IPsec VPN is a SW blade, no RISK factor
- SSL VPN is a SW blade, no RISK factor
- IPS is a SW blade, no RISK factor

Also a SW blade, no RISK factor is:

URL Filtering
Anti-virus and Anti Malware
Anti-Spam and Email Security
Acceleration and Clustering
Data loss Prevention
Application Control
Logging

I would rather suggest doing the CCSA and the CCSE certification, study the documentation and suddenly, most of it may be very clear to you 😁 !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
FedericoMeiners
Advisor
‎2019-10-22 06:17 AM
In response to kapuranirudh

Many points of this list are just configurations that achieve certain functionality, therefore many of them don't propose a risk if you don't set them up

For example: Dynamic routing, IPSec VPN, among others.

You should focus on risk of not using security features such as IPS or potential security risks by using Dynamic routing.

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events