Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
R_Elysion
Explorer

How to Audit Checkpoint firewall R81 firewall rules for the use of Insecure protocols

Looking for a tool or API script to audit firewall rules for the use of insecure protocols as well as ports commonly used by trojans and worms etc

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

Actually, a lot of trojans and worms use legitimate protocols like https and DNS.
Which is why you need to do a lot more than just block specific services, which of course you should do through allowing access only to what precisely is needed.
If Anti-Bot isn't enabled, your system is not doing everything it can to mitigate trojans and worms.

As for your specific question, not sure anyone has written a script to perform these checks, but you can perform whatever checks you'd like using the API: https://sc1.checkpoint.com/documents/latest/APIs/index.html#introduction~v1.8%20 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events