Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

R80.x Security Gateway Architecture (Logical Packet Flow)

Introduction

This document describes the packet flow (partly also connection flows) in a Check Point R80.10 and above with SecureXL and CoreXL, Content Inspection, Stateful inspection, network and port address translation (NAT), MultiCore Virtual Private Network (VPN) functions and forwarding are applied per-packet on the inbound and outbound interfaces of the device. There should be an overview of the basic technologies of a Check Point Firewall. We have also reworked the document several times with Check Point, so that it is now finally available.

Chapter

More interesting articles:
- R80.x Architecture and Performance Tuning - Link Collection
- Article list (Heiko Ankenbrand)

Logical Flowchart 

 

r8010_packet_flow_1.7a_pdf-1.jpg

Attention! Starting with R80.20 the flows in the firewall have changed. Therefore the flows can no longer be shown 100% in a drawing. This drawing can only be used as a schematic view. For example, correction flows are used to reinject packets. SecureXL parts are now executed in the inspection code. The processing of accept templates and rule based checks have also changed. A drawing is provided below in this article. If you want to know how the packets physically pass

...
TO READ THE FULL POST it's simple and free