
Welcome to the Student Training Course of FireWall-1 Version 4.0

Check Point Certified Security Administrator

FireWall-1 Version 4.0

Introduction to CCSA
Course: Objectives

• Identify the basic components of FireWall-1
• Successfully install FireWall-1
• Successfully configure FireWall-1
• Identify the FireWall-1 elements that you will need to manage
• Successfully complete the final scenario at the end of the course

Chapter Layout

Each chapter covers:

• Introduction
• Objectives
• Key Terms
• Theory
• Step-by-step instructions
• Hands-on Labs
• Review

Course Map Day One

Unit I — Overview

Introduction

Chapter 1: FireWall-1 Architecture

Unit II — Getting Started

Chapter 1: FireWall-1 Installation and Setup

Chapter 2: Navigating in FireWall-1

Chapter 3: Management Tools



Course Map Day One (continued)

Unit III — Managing Your Network

Chapter 1: Security Policy Rule Base and Properties Setup

Chapter 2: Administering Security Policy with Rule Base

End of Day One



Course Map Day Two

Unit IV — Customizing FireWall-1

Chapter 1: Authentication

Chapter 2: Network Address Translation

Final Scenario

What’s New...

• New Platforms
• Encryption
• Enterprise Management
• Authentication
• Client Authentication
• Security Servers
• Support for New Services

Check your CCSA User Guide for specifics!

FireWall-1 Version 4.0

Unit I-1: FireWall-1 Architecture

FireWall-1 Architecture: Objectives

• Describe the purpose of a firewall
• Describe and compare firewall architectures
• Identify the different components of FireWall-1

What Is A Firewall?

Connects internal and external networks with varying levels of trust by implementing security policy regarding network communication.

[Diagram: the firewall sits between the trusted side (trusted networks and servers, trusted users, intranet server segment) and the untrusted side (router, untrusted networks, untrusted users, Internet, publicly accessible servers and networks).]

What a Firewall Cannot Protect

• Against malicious authorized users
• Against connections that don’t go through it
• 100% against all threats*

*New ways to break through networks are continually developed. To combat this, Check Point continually develops and distributes new methods of protection against unauthorized access to your network.

A firewall is only as effective as the security policy it supports and the networks it protects.

TCP/IP Stack

Packets

TCP/IP uses a data envelope called an Internet Protocol (IP) packet to transmit bits (data) from one place to another.

[Diagram: the OSI Reference Model layers (Application, Presentation, Session, Transport, Network, Data Link, Physical) beside a TCP/IP packet laid out as: Source MAC Address, Destination MAC Address, CSUM; Source IP Address, Destination IP Address, CSUM; Source Port Number, Destination Port Number, CSUM; Payload (Session Data).]

Methods of Securing Networks

• Application Layer Gateway (Proxy)
  • Application Level
• Packet Filtering
  • Network Level
• Stateful Inspection
  • FireWall-1: Before Network Level

[Diagram: each method shown against the OSI layers at which it operates.]

Packet Filtering Path

[Diagram: two hosts with full seven-layer stacks (Application through Physical) communicate through a router, which is drawn with only its lower layers.]

Pros of Packet Filtering

• Inexpensive
• Application Transparency

Cons of Packet Filtering

• Low Security
• Subject to IP Spoofing
• Difficult to manage ACLs
• Not Scalable
• No Screening above the Network Layer
Application Layer Gateway (Proxy) Path

[Diagram: the gateway runs a separate full seven-layer stack for each proxied service (Telnet, FTP, HTTP) between the two communicating hosts, above a router.]

Pros of Application Layer Gateway

• Good Security
• Full application-layer awareness

Cons of Application Layer Gateway

• Poor Performance
• Limited Application Support
• Poor Scalability
• Non-transparent

Stateful Inspection Path

[Diagram: between the two hosts' seven-layer stacks, the INSPECT Engine sits between the Data Link and Network layers and consults Dynamic State Tables.]

Stateful Inspection (FireWall-1 Technology)

• Pros
  • Good Security
  • High Performance
  • Full Application-layer Awareness
  • Scalability
  • Extensible
  • Transparency
FireWall-1 Inspect Engine

• Located in the Kernel Module
• Accepts, Rejects or Drops Packets
• Saves system processing time and resources

User and Kernel Modes


Inspect Engine Inspects Packets

• The Inspect Engine in the kernel module inspects the packets by accessing its rule base.

[Diagram: INSPECT ENGINE]

Allow, Drop or Reject Packets

• If packets do not pass inspection, they are rejected or dropped, according to the rule base.

[Diagram: INSPECT ENGINE with its two outcomes, Allow and Drop or Reject]
Flow of Packets through Inspect Engine
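As an added example (not part of the course material), the following Python model contrasts the stateful inspection described on the preceding slides with a stateless packet filter: the engine consults the rule base only for new connection requests, records accepted connections in a dynamic state table, and admits return traffic only when a matching entry exists, so an unsolicited packet that merely looks like a reply is dropped. The rule base, addresses and class names are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed rule base (not the course's own): (source net, dest net, dest port, action).
# "accept" records state, "reject" answers the sender, "drop" discards silently.
TRUSTED = ip_network("10.0.0.0/8")
ANY = ip_network("0.0.0.0/0")
RULE_BASE = [
    (TRUSTED, ANY, 80, "accept"),    # trusted users may open HTTP sessions outbound
    (ANY, TRUSTED, None, "reject"),  # inbound connection attempts to trusted hosts are rejected
]
CLEANUP_ACTION = "drop"              # implicit last rule: everything else is dropped

class InspectEngine:
    """Toy model of stateful inspection: a rule base plus a dynamic state table."""

    def __init__(self):
        self.state_table = set()     # (src, dst, sport, dport) of accepted connections

    def inspect(self, src, dst, sport, dport, syn):
        # Return traffic of a known connection matches the reversed state entry.
        if (dst, src, dport, sport) in self.state_table:
            return "accept"
        # Without a state entry, only a new connection request (SYN) consults the rule base.
        if not syn:
            return CLEANUP_ACTION
        for src_net, dst_net, port, action in RULE_BASE:
            if (ip_address(src) in src_net and ip_address(dst) in dst_net
                    and (port is None or port == dport)):
                if action == "accept":
                    self.state_table.add((src, dst, sport, dport))
                return action
        return CLEANUP_ACTION

def stateless_filter(src, dst, sport, dport, ack):
    """A router ACL keeps no state: it admits replies by header fields alone (port 80 + ACK)."""
    if ip_address(src) in TRUSTED and dport == 80:
        return "accept"
    if ip_address(dst) in TRUSTED and sport == 80 and ack:
        return "accept"
    return "drop"

def demo():
    engine = InspectEngine()
    new = engine.inspect("10.1.1.5", "203.0.113.7", 40001, 80, syn=True)      # accept, state added
    reply = engine.inspect("203.0.113.7", "10.1.1.5", 80, 40001, syn=False)   # accept via state
    # Unsolicited packet shaped like an HTTP reply: no state entry, so the engine drops it.
    stray = engine.inspect("198.51.100.9", "10.1.1.5", 80, 40001, syn=False)  # drop
    acl = stateless_filter("198.51.100.9", "10.1.1.5", 80, 40001, ack=True)   # accept (header only)
    inbound = engine.inspect("198.51.100.9", "10.1.1.5", 4444, 23, syn=True)  # reject
    return new, reply, stray, acl, inbound
```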
FireWall-1 Products

• Enterprise Products
  • Multiple network security solutions that include multiple Firewall Modules, Management Modules and GUIs
• Single Gateway Products
  • Single point network security solutions that include a single Firewall Module, Management Module and GUI
FireWall-1 Components

[Diagram: Management Module; Firewall Module (Inspection Module, Connect Control Module); GUI; Router Security Management; Encryption Module]

Firewall Module

• Firewall Module:
  • Includes Inspection Module and Daemons
  • Controls and monitors firewall modules
• Inspection Module
  – Implements the security policy and logs events
  – Communicates with the Management Module using the daemons
• Connect Control Module
  – Enables server load balancing

Management Module

• Accessed through the GUI and located on the Management Server.
• Manages the FireWall-1 database: Rule Base, Network Objects, Services, Users, and more

Encryption Module

Enables secure, encrypted communications between machines protected by FireWall-1.

Router Security Management

• Enables an administrator to generate and download Access Lists and control any number of routers from a single workstation

Three GUI Components

• Security Policy Editor
• System Status
• Log Viewer