cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Security Servers

Hello,

I am trying to understand the difference between content security/Threat Prevention and the legacy security servers.

Are security servers (fwssd - in.ahhtpd etc.) still used anywhere in the modern R80.10 NGTP gateway - where AV, AB, TE and/or TEX?

The NGTP pdf Moty shared on the community is a bit high level.

Also interested in the access control blades that might use fwssd or details on what they use.

SK88020 implies that there are kernel modules in use (APPI and RAD_KERNEL).

Does that mean that it is not fwssd but a more efficient process attached to the fw kernel? Perhaps Resource Advisor running in kernel memory and as a kernel module/process? Same for the NGTP engine/s?

Thanks,

Don

0 Kudos
3 Replies

Re: Security Servers

The security server daemons you specifically named (in.aXXXXd) are not really used on a modern gateway.  However your question touches on what kind of processes are used on a firewall to handle/scan traffic outside the kernel.  There is a brand new chapter in the second edition of my book that covers this aspect in detail.  Key processes are rad, dlpu, and dlpda.  Bit tough to summarize it all here as the chapter ended up being over 20 pages, but some insight into this area is forthcoming...

--
My Book "Max Power: Check Point Firewall Performance Optimization"
Second Edition Coming Soon

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
Admin
Admin

Re: Security Servers

The only place Security Servers *might* still be in use is DLP, and even there I believe we have moved away from using them.

They are largely deprecated in R80.x.

Re: Security Servers

Thanks guys. Good info.

Obviously with such a large customer install base things like FWSSDs and Legacy Auth will be in use in places and that could persist for some time.

BTW. Part of the question is to get an understanding not only technically but also related to the CCSE training content and besides certification exam and real-world training how to properly describe the FWSSDs in the context of the NGTP (and NGTX) gateway.