Danny Jung

Cipher Configuration Tool (CCT)

Discussion created by Danny Jung Champion on Sep 18, 2018

Starting with R80.10 you can use the all new

Cipher Configuration Tool (CCT)

to control ciphers.

 

To enable the tool in Expert mode, do the following:

 

    1. Create a new file named vpn_cipher_priority.conf  in $CPDIR/conf
    2. Edit the vpn_cipher_priority.conf file to look like this:

 

4. Enable CCT by editing the registry key: # ckp_regedit -a SOFTWARE/CheckPoint/FW1 enable_cipher_configuration 1

        5. Push the policy to the relevant Security Gateway.

 

CTT works with:

  • GAIA WebUI
  • Mobile Access (SSL VPN)
  • DLPSenderPortal
  • UserCheck
  • NAC

 

Support for HTTPS Inspection is not included yet.

Outcomes