This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LostBoY
Advisor
‎2019-05-23 03:05 AM
Jump to solution

Checkpoint Hardening Benchmark

Hello, 

Is there any standard Benchmark followed for hardening of Checkpoint Devices ?  Like its there for Cisco - CIS 4.1.0

Thanks

1 Solution

Accepted Solutions
DeletedUser
Not applicable
‎2020-06-30 10:42 AM
In response to _Val_
Jump to solution

The CIS Community just published v1.1.0 based on R80.10. Look for it under Network Devices. 

https://www.cisecurity.org/cis-benchmarks/

View solution in original post

6 Replies
G_W_Albrecht
Legend Legend
Legend
‎2019-05-23 03:18 AM
Jump to solution

Maybe you are interested in these documents: R77 Gaia Hardening Guide  and sk106597: Best Practices - Rulebase Construction and Optimization

But in general, hardening is an ongoing process for CP GAiA OS and SW/HW products with Jumbo HFs playing a major role !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Andrew_Kemmy
Participant
‎2020-02-03 12:52 PM
Jump to solution

I looked for one this morning - the most up to date one I found was from 2007 https://www.cisecurity.org/wp-content/uploads/2017/04/CIS_Checkpoint_Benchmark_v1.0.pdf

Maybe it would be good to write a more up to date one?

 

_Val_
Admin
Admin
‎2020-06-09 12:04 AM
In response to Andrew_Kemmy
Jump to solution

There are hardening guides available for latest versions, for example: https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80_30_Gaia_Hardening/Default.htm

 

 

DeletedUser
Not applicable
‎2020-06-30 10:42 AM
In response to _Val_
Jump to solution

The CIS Community just published v1.1.0 based on R80.10. Look for it under Network Devices. 

https://www.cisecurity.org/cis-benchmarks/

PhoneBoy
Admin
Admin
‎2020-07-05 09:03 PM
In response to DeletedUser
Jump to solution

Do you know if they're going to update it for, say, R80.40?
0 Kudos
DeletedUser
Not applicable
‎2020-07-06 08:23 AM
In response to PhoneBoy
Jump to solution

It's a community effort so depends upon backing by community members. If we get more members in that group, then could probably be done. For anyone interested, there's a signup link on the CIS Benchmarks FAQ page

This is also a route to download the current Check Point Benchmark. Notice the link isn't currently working......

"In order to download a CIS Benchmark from Workbench, you will need to join the CIS WorkBench community for that particular benchmark. To join a community, simply login to CIS WorkBench (registration is free), select the "Communities" tab on the top menu bar and select your community of interest. Upon navigating to the community dashboard, select "Join"."

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events