Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
PhoneBoy
Admin
Admin

Gaia Hardening for R81

The document linked below describes the hardening of the Check Point Gaia operating system.
Components that are not necessary for a network security device, or that could cause security vulnerabilities, were removed.
Check Point Gaia R81 is based on Red Hat 7.6 version and the Linux kernel 3.10.0-957.
The applications removed from the operating system include X Windows, Office applications, games, and many other applications that are irrelevant to Firewall operations.
The document linked below describes the remaining packages and modifications to the system.

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_Hardening/Topics-GAH/Gaia_Har... 

5 Replies
HeikoAnkenbrand
Champion Champion
Champion

But there are still a lot of packages missing.
For example openssl. This package has been modified by Check Point.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
Anthony_Kahwati
Collaborator

I'm in this process and also using the following as reference:

https://www.cisecurity.org/cis-benchmarks/

Scroll through list for Checkpoint

Accepted internally by our security team as a valid approach.... maybe not definitive but good as a complement to any other sources.

0 Kudos
Anthony_Kahwati
Collaborator

The link target seems to have been removed.

0 Kudos
PhoneBoy
Admin
Admin

I updated the original post with a corrected link.

_Val_
Admin
Admin

Yeah, the SK team is wreaking havoc 🙂

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events