Professional Documents
Culture Documents
2013 Edition
2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved.
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties
Preface
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 2
Training Blades and Certification
1.
Take and pass
any 2 Training
Blades OR
+
AppControl Introduction to Gaia
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 3
Certification Renewal Examples
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 4
Check Point Certified Security Expert
1. Advanced Upgrading
2. Advanced Firewall
3. Clustering and Acceleration
4. Advanced User Management
5. Advanced IPsec VPN and Remote Access
6. Auditing and Reporting
3/4
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 6
Lab Topology
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 7
Check Point 3D Security
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 8
Check Point 3D Security
Security is a process
A network is never 100% secure
IT security policy must be transparent
Challenges to IT involve security, deployment, management,
and compliance
Security products are tools to avoid risk
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 9
Check Point 3D Security
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 10
Deployment Scenario
Alpha Corp
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 11
Upgrading
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 12
Upgrading
Learning Objectives
10
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 13
Upgrading
Backup Schedule
11
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 14
Upgrading
11
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 15
Upgrading
Upgrade Tools
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 16
Upgrading
12
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 17
Upgrading
Upgrade Tools
migrate.conf
migrate
pre_upgrade_verifier.exe
upgrade export
cp_merge
12
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 18
Upgrading
Performing Upgrades
13
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 19
Upgrading
Upgrade by:
SmartUpdate
Local Upgrade
14
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 20
Upgrading
Upgrade by:
Upgrading Production Security Management Server
Migrate and Upgrade to a New Security Management
Server
14
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 21
Upgrading
Upgrade by:
Upgrade one machine and synchronize second
(minimal downtime)
Upgrade with clean installation on one machine and
synchronize second (system downtime)
16
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 22
Upgrading
16
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 23
Upgrading
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 24
Upgrading
Lab Practice
18
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 25
Upgrading
Review Questions
18
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 26
Upgrading
Review Questions
18
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 27
Upgrading
Review Questions
18
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 28
Upgrading
Review Questions
18
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 29
Upgrading
Review Questions
18
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 30
Upgrading
Review Questions
18
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 31
Advanced Firewall
20
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 32
Advanced Firewall
Learning Objectives
20
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 33
Advanced Firewall
FireWall-1 Infrastructure
21
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 34
Advanced Firewall
GUI Clients
SmartConsole Applications:
SmartView Tracker
SmartEvent
SmartReporter
SmartDashboard
Admin Tools:
Configure
Manage & Monitor
Perform Maintenance
Generate Reports
Enforce Policy 21
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 35
Advanced Firewall
Management
21
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 36
Advanced Firewall
Security Gateway
22
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 37
Advanced Firewall
23
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 38
Advanced Firewall
24
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 39
Advanced Firewall
FWM
24
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 40
Advanced Firewall
FWD
FWD
Forwards logs
Related to policy installation
Command line tool communication
25
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 41
Advanced Firewall
FWSSD
FWSSD
Child process of FWD
Maintains Security Servers
Activated features
25
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 42
Advanced Firewall
CPWD
CPWD (WatchDog)
Invokes and monitors critical processes
Check Point daemons
Restart attempts
Processes monitored:
cpd, fwd, fwm
cpwd_admin utility used to show process
status, and to configure cpwd
25
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 43
Advanced Firewall
26
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 44
Advanced Firewall
27
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 45
Advanced Firewall
28
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 46
Advanced Firewall
Columns in a Chain
29
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 47
Advanced Firewall
Stateful Inspection
30
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 48
Advanced Firewall
Stateful Inspection
1. Packets pass
through the NIC to
the inspection
module. The
Inspection Module
inspects the
packets and their
data.
31
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 49
Advanced Firewall
Stateful Inspection
2. Packets are
matched to the
policy rule, one
rule at a time.
Packets that do
not match any
rule are
dropped.
31
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 50
Advanced Firewall
Stateful Inspection
31
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 51
Advanced Firewall
Stateful Inspection
31
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 52
Advanced Firewall
Stateful Inspection
31
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 53
Advanced Firewall
Stateful Inspection
31
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 54
Advanced Firewall
Kernel Tables
32
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 55
Advanced Firewall
Kernel Tables
32
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 56
Advanced Firewall
Connections Tables
33
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 57
Advanced Firewall
Connections Tables
Enhanced performance
Allow server replies
Stateful Featues
Streaming apps
Sequence verification and translation
Hide NAT
Logging, accounting, monitoring
Client and server id
Data connections 33
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 58
Advanced Firewall
34
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 59
Advanced Firewall
35
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 60
Advanced Firewall
35
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 61
Advanced Firewall
36
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 62
Advanced Firewall
Installation
Verification
Conversion
Code generation
CPTA
Commit
38
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 63
Advanced Firewall
39
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 64
Advanced Firewall
41
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 65
Advanced Firewall
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 66
Advanced Firewall
42
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 67
Advanced Firewall
Security Servers
43
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 68
Advanced Firewall
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 69
Advanced Firewall
43
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 70
Advanced Firewall
44
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 71
Advanced Firewall
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 72
Advanced Firewall
44
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 73
Advanced Firewall
Common Commands
cpconfig
cplic print
cpstart
cpstop
45
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 74
Advanced Firewall
What is FW Monitor?
46
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 75
Advanced Firewall
What is FW Monitor?
46
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 76
Advanced Firewall
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 77
Advanced Firewall
5247
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 78
Advanced Firewall
fw monitor
48
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 79
Advanced Firewall
Lab Practice
49
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 80
Advanced Firewall
Review Questions
54
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 81
Advanced Firewall
Review Questions
49
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 82
Advanced Firewall
Review Questions
49
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 83
Advanced Firewall
Review Questions
49
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 84
Clustering and Acceleration
51
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 85
Clustering and Acceleration
Learning Objectives
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 86
Clustering and Acceleration
VRRP
53
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 87
Clustering and Acceleration
VRRP vs ClusterXL
53
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 88
Clustering and Acceleration
VRRP vs ClusterXL
Advantages of VRRP
Minimum failover time
Supports 255 virtual routers
Minimum service disruptions during failover
Election of multiple virtual routers for load balancing
Addresses failover at router level
Avoids configuration changes in end nodes if router fails
No need for router discovery protocol for failover operation
Multi access LAN technology support
53
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 89
Clustering and Acceleration
54
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 90
Clustering and Acceleration
55
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 91
Clustering and Acceleration
56
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 92
Clustering and Acceleration
VRRP Configurations
Advanced VRRP
Necessary to monitor each interface individually
Can change the VMAC (Virtual MAC Address assignment
mode
56
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 93
Clustering and Acceleration
57
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 94
Clustering and Acceleration
Troubleshooting VRRP
57
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 95
Clustering and Acceleration
Firewall Policies
58
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 96
Clustering and Acceleration
60
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 97
Clustering and Acceleration
Clustering Terms
Active Up
Critical Device
Failure
Failover
High Availability (HA)
Hot Standby
Cluster Control Protocol
61
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 98
Clustering and Acceleration
ClusterXL
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 99
Clustering and Acceleration
ClusterXL
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 100
Clustering and Acceleration
Cluster Synchronization
63
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 101
Clustering and Acceleration
Cluster Synchronization
60
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 102
Clustering and Acceleration
Synchronized-Cluster Restrictions
64
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 103
Clustering and Acceleration
64
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 104
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 105
Clustering and Acceleration
66
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 106
Clustering and Acceleration
66
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 107
Clustering and Acceleration
66
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 108
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 109
Clustering and Acceleration
Sticky Connections
68
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 110
Clustering and Acceleration
68
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 111
Clustering and Acceleration
70
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 112
Clustering and Acceleration
70
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 113
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 114
Clustering and Acceleration
68
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 115
Clustering and Acceleration
Management HA
72
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 116
Clustering and Acceleration
Management HA
72
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 117
Clustering and Acceleration
72
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 118
Clustering and Acceleration
73
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 119
Clustering and Acceleration
73
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 120
Clustering and Acceleration
Synchronization Modes
73
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 121
Clustering and Acceleration
Synchronization Status
74
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 122
Clustering and Acceleration
75
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 123
Clustering and Acceleration
75
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 124
Clustering and Acceleration
Packet Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 125
Clustering and Acceleration
New connection setup packets that match, avoid a round trip to the
firewall application.
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 126
Clustering and Acceleration
76
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 127
Clustering and Acceleration
Between the Web Client and a Web Server, TCP connections are
initiated by the Web Client sending an HTTP request
77
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 128
Clustering and Acceleration
77
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 129
Clustering and Acceleration
77
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 130
Clustering and Acceleration
77
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 131
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 132
Clustering and Acceleration
HTTP 1.1
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 133
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 134
Clustering and Acceleration
Time objects
Dynamic objects
Domain objects
Source port ranges
IPS features no supported in Acceleration
NAT
Encrypted Connections
79
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 135
Clustering and Acceleration
Packet Flow
80
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 136
Clustering and Acceleration
VPN Capabilities
81
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 137
Clustering and Acceleration
82
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 138
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 139
Clustering and Acceleration
Default Configuration
83
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 140
Clustering and Acceleration
83
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 141
Clustering and Acceleration
83
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 142
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 143
Clustering and Acceleration
84
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 144
Clustering and Acceleration
84
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 145
Clustering and Acceleration
85
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 146
Clustering and Acceleration
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 147
Clustering and Acceleration
85
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 148
Clustering and Acceleration
85
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 149
Clustering and Acceleration
Acceleration path
Packet handled by
Secure XL
Medium path
Packet handled by
Secure XL, except for
IPS processing
Firewall path
SecureXL unable to
process packet
86
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 150
Clustering and Acceleration
Lab Practice
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 151
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 152
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 153
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 154
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 155
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 156
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 157
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 158
Clustering and Acceleration
Review Questions
87
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 159
Advanced User Management
89
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 160
Advanced User Management
Learning Objectives
90
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 161
Advanced User Management
91
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 162
Advanced User Management
Set of rules that govern the types of objects in the directory, and their
associations is called the schema
91
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 163
Advanced User Management
91
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 164
Advanced User Management
Each are distinct containers at their own level and are part of the
enterprise container: atlantiscorp.cp.local
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 165
Advanced User Management
92
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 166
Advanced User Management
LDAP advantages:
SMS performance enhanced
LDAP database available for other applications
93
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 167
Advanced User Management
93
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 168
Advanced User Management
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 169
Advanced User Management
94
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 170
Advanced User Management
94
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 171
Advanced User Management
95
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 172
Advanced User Management
95
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 173
Advanced User Management
Schemas
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 174
Advanced User Management
96
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 175
Advanced User Management
96
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 176
Advanced User Management
97
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 177
Advanced User Management
97
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 178
Advanced User Management
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 179
Advanced User Management
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 180
Advanced User Management
98
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 181
Advanced User Management
98
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 182
Advanced User Management
99
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 183
Advanced User Management
99
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 184
Advanced User Management
ldapsearch
For example: ldapsearch -D cn=administrator,
cn=users,dc=boaz,dc=com -w zubur1! -b
cn=users,dc=boaz,dc=com -h 20.20.20.100
'(&(objectclass=user)(sAMAccountName=zaza) )'
mobile otherMobile.
Ldapmodify
For example: ldapmodify -c -h <host> -D <Admin FQDN> -w
<password> -f <schema ldif file> 99
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 185
Advanced User Management
100
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 186
Advanced User Management
100
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 188
Advanced User Management
Identity Awareness
101
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 189
Advanced User Management
Identity Awareness
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 190
Advanced User Management
Identity Awareness
102
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 191
Advanced User Management
Enabling AD Query
102
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 192
Advanced User Management
AD Query Setup
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 193
Advanced User Management
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 194
Advanced User Management
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 195
Advanced User Management
105
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 196
Advanced User Management
105
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 197
Advanced User Management
104105
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 198
Advanced User Management
Lab Practice
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 200
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 201
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 202
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 203
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 204
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 205
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 206
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 207
Advanced User Management
Review Questions
107
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 208
Advanced IPsec VPN and Remote Access
109
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 209
Advanced IPSec VPN and Remote Access
Learning Objectives
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 210
Advanced IPSec VPN and Remote Access
IPsec
111
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 211
Advanced IPSec VPN and Remote Access
112
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 212
Advanced IPSec VPN and Remote Access
111
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 213
Advanced IPSec VPN and Remote Access
111
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 214
Advanced IPSec VPN and Remote Access
172.24.104.1
Encryption algorithm:
AES-CBC
Key length: 256 bit
Hash algorithm: SHA1
Authentication
method: pre-shared
key
111
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 215
Advanced IPSec VPN and Remote Access
1. Packet 2 is from the responder to agree on one encryption and hash algorithm:
113
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 216
Advanced IPSec VPN and Remote Access
2. Packets 3 and 4 perform key exchanges and include a large number never used
before, called a nonce:
112
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 217
Advanced IPSec VPN and Remote Access
3. Packets 5 and 6 perform authentication between the peers of the tunnel. The peers
IP address shows in the ID field under MM packet 5:
113
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 218
Advanced IPSec VPN and Remote Access
4. Packet 6 shows the peer has agreed to the proposal and has authenticated the
initiator:
113
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 219
Advanced IPSec VPN and Remote Access
In Phase 2
Security Associations are negotiated
Shared-secret key material is determined
Additional DH exchange occurs
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 220
Advanced IPSec VPN and Remote Access
Phase 2 Stages
Peers exchange more key material and agree on encryption and
integrity methods for IPSec
DHC key is combined with the key material to produce the
symmetrical IPSec key
Symmetric IPSec keys are generated
115
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 221
Advanced IPSec VPN and Remote Access
1. Packet 1 proposes either a subnet or host ID, an encryption and hash algorithm,
and ID data:
115
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 222
Advanced IPSec VPN and Remote Access
In the ID field, the initiators VPN Domain configuration displays. In the following figure,
the VPN Domain for the initiator is the 10.2.4.0/24 network:
116
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 223
Advanced IPSec VPN and Remote Access
2. ID field_2 proposes the peers VPN Domain configuration. In the figure below, the
VPN Domain for the peer Gateway is the 10.2.2.0/24 network:
116
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 224
Advanced IPSec VPN and Remote Access
3. Packet 2 from the responder agrees to its own subnet or host ID, and encryption
and hash algorithm:
117
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 225
Advanced IPSec VPN and Remote Access
117
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 226
Advanced IPSec VPN and Remote Access
118
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 227
Advanced IPSec VPN and Remote Access
Connection Initiation
In order for VPN tunnel between the site and remote user, an
IKE negotiation must take place between them
Peer identities are authenticated (Phase 1):
Digital Certificates
Pre-Shared Secrets
Hybrid Mode
One-Time Password
Security Gateway Password
OS Password
RADIUS
TACACS
118
SAS
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 228
Advanced IPSec VPN and Remote Access
Connection Initiation
118
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 229
Advanced IPSec VPN and Remote Access
Connection Initiation
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 230
Advanced IPSec VPN and Remote Access
Link Selection
119
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 231
Advanced IPSec VPN and Remote Access
Link Selection
119
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 232
Advanced IPSec VPN and Remote Access
121
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 233
Advanced IPSec VPN and Remote Access
121
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 234
Advanced IPSec VPN and Remote Access
Explicit MEP
121
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 235
Advanced IPSec VPN and Remote Access
Implicit MEP
For remote access MEP VPNs, clients must use Office mode
122
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 236
Advanced IPSec VPN and Remote Access
Tunnel Management
123
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 237
Advanced IPSec VPN and Remote Access
Permanent Tunnels
123
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 238
Advanced IPSec VPN and Remote Access
Tunnel Testing
124
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 239
Advanced IPSec VPN and Remote Access
Tunnel Testing
124
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 240
Advanced IPSec VPN and Remote Access
124
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 241
Advanced IPSec VPN and Remote Access
125
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 242
Advanced IPSec VPN and Remote Access
126
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 243
Advanced IPSec VPN and Remote Access
Tracking Options
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 244
Advanced IPSec VPN and Remote Access
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 245
Advanced IPSec VPN and Remote Access
127
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 246
Advanced IPSec VPN and Remote Access
Troubleshooting
128
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 247
Advanced IPSec VPN and Remote Access
Troubleshooting
127
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 248
Advanced IPSec VPN and Remote Access
Troubleshooting
128
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 249
Advanced IPSec VPN and Remote Access
VPN Debug
129
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 250
Advanced IPSec VPN and Remote Access
VPN Debug
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 251
Advanced IPSec VPN and Remote Access
VPN Debug
130
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 252
Advanced IPSec VPN and Remote Access
VPN Debug
130
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 253
Advanced IPSec VPN and Remote Access
VPN Debug
130
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 254
Advanced IPSec VPN and Remote Access
131
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 255
Advanced IPSec VPN and Remote Access
131
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 256
Advanced IPSec VPN and Remote Access
VPN Debug
vpn tu
The command vpn tu is short for vpn tunnelutil, and is
useful for deleting IPSec or IKE SAs to a specific peer or user
without interrupting other VPN activities.
Example
You have several site-to-site VPN tunnels among Gateways.
You want to remove the IKE SAs for a particular peer, without
interrupting the other VPNs. How do you do that?
Run vpn tu from the Gateway Command Line Interface, and select
delete all IPSec and IKE SAs for a given Peer (GW) option.
132
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 257
Advanced IPSec VPN and Remote Access
VPN Debug
Comparing SAs
1. Enable VPN debugging on both your site and your partners site with vpn
debug on trunc.
2. Use vpn tunnelutil (vpn tu) to remove all SAs for either the peer
with which you are about to create the tunnel, or all tunnels.
3. Have your peer initiate the tunnel from its site to yours.
4. Use vpn tunnelutil (vpn tu) to remove all SAs for either the peer
with which you are about to create the tunnel, or all tunnels.
5. Initiate the tunnel from your site to your peer.
6. Disable debugging on both sites.
7. Examine ike.elg and vpnd.elg, as they will now contain records of
the SA sent by your gateway, as well as what was received from your
partner site.
132
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 258
Advanced IPSec VPN and Remote Access
133
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 259
Advanced IPSec VPN and Remote Access
133
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 260
Advanced IPSec VPN and Remote Access
This will prevent Check Point from supernetting networks in the VPN
domain. The subnets defined in the network object should be used.
133
Cont
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 261
Advanced IPSec VPN and Remote Access
Check for multiple network objects in the VPN domain that overlap.
For example, 10.1.1.1/24 and 10.0.0.0/8 are both in the VPN
domain. It is possible that a packet sourced from 10.1.x.x will use
255.0.0.0 for the subnet in phase 2 instead of 255.255.255.0.
Example - 1
Assume you have a site-to-site VPN between two Check Point
Security Gateways.
They are managed by their own Management Servers.
You see a lot of IKE Phase 1 failures in SmartView Tracker.
You run IKE debug on one Gateway and discover only one packet
in Main mode is transferred.
There is no packet in Main mode after packet 1.
What might have caused this problem?
134
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 263
Advanced IPSec VPN and Remote Access
Example - 1
What might have caused this problem?
134
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 264
Advanced IPSec VPN and Remote Access
Example - 2
You are configuring a site-to-site VPN from a Check Point Security
Gateway to a Cisco device.
You see that traffic initiated from the VPN Domain inside the Security
Gateway is dropped with the error, Packet is dropped as there is no
valid SA.
The Cisco side is sending Delete SA to the Security Gateway.
The IKE debug indicates a Phase 2 (Quick mode) failure.
What is causing the misconfiguration?
134
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 265
Advanced IPSec VPN and Remote Access
Example - 2
What is causing the misconfiguration?
134
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 266
Advanced IPSec VPN and Remote Access
Lab Practice
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 267
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 268
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 269
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 270
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 271
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 272
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 273
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 274
Advanced IPSec VPN and Remote Access
Review Questions
135
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 275
Auditing and Reporting
137
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 276
Auditing and Reporting
Learning Objectives
Corporate governance
Efficient auditing and reporting
Compliance regulatory practices 139
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 278
Auditing and Reporting
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 279
Auditing and Reporting
140
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 280
Auditing and Reporting
SmartEvent
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 281
Auditing and Reporting
SmartEvent
141
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 282
Auditing and Reporting
SmartEvent
142
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 283
Auditing and Reporting
SmartEvent Intro
142
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 284
Auditing and Reporting
SmartEvent Architecture
143
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 285
Auditing and Reporting
Example Deployment
143
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 286
Auditing and Reporting
144
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 287
Auditing and Reporting
Analyzer Server
144
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 288
Auditing and Reporting
145
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 289
Auditing and Reporting
145
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 290
Auditing and Reporting
146
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 291
Auditing and Reporting
147
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 292
Auditing and Reporting
147
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 293
Auditing and Reporting
148
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 294
Auditing and Reporting
149
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 295
Auditing and Reporting
150
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 296
Auditing and Reporting
151
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 297
Auditing and Reporting
152
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 298
Auditing and Reporting
153
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 299
Auditing and Reporting
SmartReporter
SmartReporter provides:
High-level view, trends, reports
Understanding of the details of each event
Integration with other tools to modify the security policies
Manage events by state and owner
154
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 300
Auditing and Reporting
SmartReporter
154
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 301
Auditing and Reporting
Consolidation Policy
Consolidation Policy:
Similar to a Security Policy in structure and management
Uses Rule Bases defined via SmartDashboard
Uses the network objects
Consolidation rules store or ignore logs that match rules
Based on logs, not security issues
155
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 302
Auditing and Reporting
SmartReporter
155
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 303
Auditing and Reporting
Consolidation Policy
155
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 304
Auditing and Reporting
Report Types
156
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 305
User Management and Authentication
Lab Practice
157
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 306
User Management and Authentication
Review Questions
157
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 307
User Management and Authentication
Review Questions
157
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 308
User Management and Authentication
Review Questions
157
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 309
User Management and Authentication
Review Questions
157
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 310
User Management and Authentication
Review Questions
157
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 311
User Management and Authentication
Review Questions
157
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties | 312
Security Engineering
2013 Edition
2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved.
2013 Check Point Software Technologies Ltd. [Confidential] For Check Point users and approved third parties