This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sebastien_Barbe
Participant
‎2018-01-07 03:37 PM

STIG - Technical Implementation Guidelines

Hi

I'm looking for technical implementation guidelines for R80.10 and GAIA ?

I couldn't find anything provided by Checkpoint. CIS has something but it's rather outdated. If anyone has some pointers I'd be interrested to hear about it.

tx

0 Kudos
4 Replies
XavierBens
Employee
Employee
‎2018-01-08 09:41 AM

Did you look at R80.10 Release Notes and R80.10 Installation and Upgrade Guide ?

Cybersecurity Evangelist, CISSP, CCSP, CCSM Elite
DeletedUser
Not applicable
‎2018-01-08 01:50 PM

Are you talking about this 2007 CIS document on SecurePlatform? It's a nice overview. Much of the information still applies. Don't think we have anything that compares to it, though you can find some of the information in existing SKs. For instance check out the list of Best Practices (sk111303).

2.2 Apply Latest OS patches (see CPUSE sk92449)

2.11 Install and run NTP (see Gaia Admin Guide)

2.13 Secure SNMP (SNMP Best Practices)

3.4 Enable SmartDefense (IPS Best Practices)

3.9 Enable Periodic Revision Control (R80 Revisions Management, R80.10 Policy Revisions, community discussion, also see Best Practices - Backup on Gaia OS)

0 Kudos
Sebastien_Barbe
Participant
‎2018-01-09 11:10 AM
In response to DeletedUser

Hi Bob, (and Xavier are your answers are in the same vein),

thanks for your feedback.

The installation or release documentation while interesting do not provide a clear set of recommendation that could be used as a baseline for some one to install/upgrade. As Bob points out, I'm more interested in a "refreshed" version of the CIS documentation that would encompass those nice best practices taking into account recommendations from DISA (Firewall & IDS/IPS ) and looking at the specific of GAIA.

If such a consolidated document would exist and be a "officialy" endorsed document from checkpoint it would facilitate auditors and implementors life by demonstrating that best practices having been taken into account. You can guess that if I ask the question it is because I keep seeing firewalls deployed in production with SNMP public communities (among others horrors). (not to mention that the competition do provide this kind of guidance).

Tx

0 Kudos
DeletedUser
Not applicable
‎2018-01-09 03:04 PM
In response to Sebastien_Barbe

Agree this would be nice to have an update to the CIS document. Would just add (and Tomer Sole will roll over in his sleep 🙂 if I don't mention the Firewall STIG requirements included in the Compliance Blade (see ATRG Compliance Blade). Again, not everything you're looking for, but it's a start. 

Firewall STIG refers to the Network Firewall Security Technical Implementation Guide published by the Defense Information Systems Authority (DISA). The requirements supported are based on version 8, release 13 (see screenshot below from our cloud demo).

Best to view for yourself in the SmartConsole cloud demo. Go to Logs & Monitor, click on New Tab, click on Open Compliance View, click on See All in the lower right Regulatory Compliance quadrant, select STIG. Each requirement may have more than one security best practice associated with it.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top