A family of security products produced by Check Point Software Technologies. Check Point includes both security gateway and end point products.
Questions tagged [check-point]
10 questions
3
votes
3 answers
BlackHole Toolkit v2 JAVA Payload Stage Code Execution - What does this activity mean?! I cannot get hold of the owner of the server to check
An analyst came across this alert - BlackHole Toolkit v2 JAVA Payload Stage Code Execution from the Checkpoint IPS coming from a server, the event is recorded as a blocked outgoing connection attempt - and to everyone's surprise has been triggering…
lambie
- 31
- 1
3
votes
2 answers
VPN Appliance Placement Options
I'm currently looking to implement a VPN solution (based on a Checkpoint Connectra) purely to provide remote access to staff (no site-to-site, or customer access), but the one design decision I can't quite seem to reconcile in my own mind is the…
Mike1980
- 358
- 1
- 8
2
votes
1 answer
Check Point SSL Certificate Interception
Can someone please explain how Check Point enterprise firewalls are able to read SSL traffic? My boss briefly explained that our company's firewall, which is Check Point, is able to intercept SSL certificates and reissue them to the end user,…
user89456
- 21
- 1
1
vote
1 answer
Client access to domain controller
I'm working on a solution to identify if a machine is a member of the domain or not. We are using Checkpoint R75 Identity Awareness with two possible methods to retrieve machine identity.
AD Query to pull out machine authentication from…
Dog eat cat world
- 5,759
- 1
- 27
- 46
1
vote
1 answer
Is there a supported way to run a custom log export script at boot time in Checkpoint's Gaia OS?
Specifically, we're using fwm logexport piped to logger to dump the audit logs in real time via syslog to our SEIM. It works great if the command is run manually (in the background) from the "expert" command line, but then we have to remember to go…
Rob Walsh
- 113
- 4
1
vote
1 answer
HTTPS inspection and TLS certificates
I have some difficulties wrapping my head around the following concept:
When HTTPS inspection (outbound) is enabled on a NextGen Firewall (NGFW) e.g. CheckPoint, a certificate has to be installed on the NGFW. These certificates (or at least the…
Kitetsu
- 48
- 6
1
vote
1 answer
Topology Configuration on CheckPoint
On CheckPoint firewall (R77), in the Topology config. section that is used for anti-spoofing, is it possible to configure 2 different External interfaces?
I have already an interface configured as External for an internet access via a remote…
Supersharp
- 135
- 5
0
votes
0 answers
In IPSec, what block cipher mode of operation is "AES-256"?
Multiple IPSec implementations I've run across support "AES-256" as an encryption algorithm. (pfSense has this, Checkpoint has this.)
What block cipher mode of operation is this?
Thanatos
- 1,016
- 2
- 10
- 16
0
votes
1 answer
PCI Compliance with scanned checks?
Client want's to store scanned checks on his publicly accessible server that is NOT PCI compliant.
I told him it's a bad idea.
I need to present him with the laws / FTC guidelines / government regulations that specifically outline the requirements…
DrDamnit
- 854
- 4
- 12
0
votes
1 answer
i, I, o, O packet inspection points inside a Check Point firewall
In a Check Point firewall, can you please explain what occurs between the POSTIN (I) and PREOUT (o) inspection points?
Franko
- 1,530
- 5
- 18
- 30