This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Prashan_Attanay
Collaborator
‎2017-11-22 10:45 PM

Stealth Rule

Checkmates,

May be this question is bit stupid, But i want to know if stealth rule implemented like this we don't have access to firewalls (like ssh) right ?

BR

1 Reply
Timothy_Hall
Legend Legend
Legend
‎2017-11-23 06:36 AM

Correct, typically prior to the Stealth Rule you'll have rules such as:

1) Admin. Access - SSH/HTTPS/4434 to the firewall from trusted internal hosts/subnets

2) Ping/Traceroute - Can internal hosts ping the firewall itself, and will the firewall hop show up in traceroute path or "star out"

3) SNMP Monitoring traffic from an NMS to the firewall itself

4) dhcp-request/dhcp-reply/DHCP relay services if needed

5) Allow for Dynamic Routing Protocols & VRRP if firewall is configured for those

There are some other corner cases (Legacy Client Auth, old versions of SecuRemote and such), but generally these are the only rules you should have in front of the Stealth rule.

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events