Sebastien_Barbe
Participant

STIG - Technical Implementation Guidelines

Hi

I'm looking for technical implementation guidelines for R80.10 and GAIA?

I couldn't find anything provided by Check Point. CIS has something but it's rather outdated. If anyone has some pointers I'd be interested to hear about it.

tx

4 Replies
XBensemhoun
Advisor

Bob_Bent
Mod

Are you talking about this 2007 CIS document on SecurePlatform? It's a nice overview. Much of the information still applies. Don't think we have anything that compares to it, though you can find some of the information in existing SKs. For instance check out the list of Best Practices (sk111303).

2.2 Apply Latest OS patches (see CPUSE sk92449)

2.11 Install and run NTP (see Gaia Admin Guide)

2.13 Secure SNMP (SNMP Best Practices)

3.4 Enable SmartDefense (IPS Best Practices)

3.9 Enable Periodic Revision Control (R80 Revisions Management, R80.10 Policy Revisions, community discussion, also see Best Practices - Backup on Gaia OS)

Sebastien_Barbe
Participant

Hi Bob (and Xavier, as your answers are in the same vein),

thanks for your feedback.

The installation or release documentation, while interesting, does not provide a clear set of recommendations that could be used as a baseline for someone to install/upgrade. As Bob points out, I'm more interested in a "refreshed" version of the CIS documentation that would encompass those nice best practices, taking into account recommendations from DISA (Firewall & IDS/IPS) and looking at the specifics of GAIA.

If such a consolidated document existed and were an "officially" endorsed document from Check Point, it would facilitate auditors' and implementors' lives by demonstrating that best practices have been taken into account. You can guess that if I ask the question, it is because I keep seeing firewalls deployed in production with SNMP public communities (among other horrors). (Not to mention that the competition does provide this kind of guidance.)

Tx

Bob_Bent
Mod

Agree it would be nice to have an update to the CIS document. Would just add (and Tomer Sole will roll over in his sleep 🙂 if I don't mention) the Firewall STIG requirements included in the Compliance Blade (see ATRG Compliance Blade). Again, not everything you're looking for, but it's a start.

Firewall STIG refers to the Network Firewall Security Technical Implementation Guide published by the Defense Information Systems Authority (DISA). The requirements supported are based on version 8, release 13 (see screenshot below from our cloud demo).

Best to view for yourself in the SmartConsole cloud demo. Go to Logs & Monitor, click on New Tab, click on Open Compliance View, click on See All in the lower right Regulatory Compliance quadrant, select STIG. Each requirement may have more than one security best practice associated with it.