Essential Check Point FireWall-1 NG: An Installation, Configuration, and Trouble

Dameon Welch-Abernathy

  • 出版商: Addison Wesley
  • 出版日期: 2004-01-31
  • 定價: $1,820
  • 售價: 2.2$399
  • 語言: 英文
  • 頁數: 656
  • 裝訂: Paperback
  • ISBN: 0321180615
  • ISBN-13: 9780321180612
  • 立即出貨(限量) (庫存=1)

買這商品的人也買了...

商品描述

Table of Contents:

Frequently Asked Questions.


Preface.

How This Book Came to Be.

What This Book Is and Is Not.

Conventions.

Acknowledgments.



1. Introduction to Firewalls.

What Is a Firewall?

What a Firewall Cannot Do.

An Overview of Firewall Security Technologies.

What Kind of Firewall Is FireWall-1?

Do You Really Need FireWall-1?

More Information.



2. Planning Your FireWall-1 Installation.

Network Topology.

Developing a Site-Wide Security Policy.

Fun with Check Point Licensing.

Summary.



3. Installing FireWall-1.

Selecting an Operating System.

Installing the Operating System.

Beginning the FireWall-1 Installation.

Upgrading from FireWall-1 4.1.

Summary.



4. Building Your Rulebase.

The Management GUIs.

The Rulebase Components.

The Rulebase.

Making Your First Rulebase.

Frequently Asked Questions.

Troubleshooting.

Summary.



5. Logging and Alerting.

SmartView Status.

SmartView Tracker.

Alerts.

Log Maintenance.

Summary.



6. Common Issues.

Common Configuration Questions.

Common Error Messages in the System Log.

Service-Related Questions.

Problems with Stateful Inspection of TCP Connections.

Problems with FTP.

Summary.



7. Remote Management.

The Components.

Secure Internal Communication.

Special Remote Management Conditions.

What You Can Do with Remote Management.

Moving Management Modules.

Highly Available Management Modules.

Troubleshooting Remote Management Issues.

Large-Scale Management Issues.

Security Policies.

Summary.



8. User Authentication.

Passwords.

How Users Authenticate.

Setting Up Authentication.

Setting Up User Authentication.

Setting Up Session Authentication.

Setting Up Client Authentication.

Integrating External Authentication Servers.

Clientless VPN.

Frequently Asked Questions.

Troubleshooting Authentication Problems.

Summary.

Sample Configurations.



9. Content Security.

The Security Servers.

The HTTP Security Server.

The FTP Security Server.

The SMTP Security Server.

The TCP Security Server.

General Questions about the Security Servers.

Debugging the Security Servers.

Summary

Sample Configurations.



10. Network Address Translation.

Introduction to Address Translation.

RFC1918 and Link-Local Addresses.

How NAT Works in FireWall-1.

Implementing NAT: A Step-by-Step Example.

Limitations of NAT.

Troubleshooting NAT with a Packet Sniffer.

Summary.

Sample Configurations.



11. Site-to-Site VPN.

Introduction to a VPN.

A Word about Licensing.

FWZ, IPSec, and IKE.

How to Configure Encryption.

Frequently Asked Questions about VPNs in FireWall-1.

Troubleshooting VPN Problems.

Summary.

Sample Configurations.



12. SecuRemote and SecureClient.

Introduction to SecuRemote and SecureClient.

A Word about Licensing.

Configuring SecuRemote on FireWall-1.

Office Mode.

Microsoft L2TP Clients.

High-Availability and Multiple Entry Point Configurations.

Microsoft Networking and SecureClient.

SecureClient Packaging Tool.

Frequently Asked Questions.

Troubleshooting.

No Response for Desktop Policy Server.

Summary.

Sample Configurations.



13. High Availability.

State Synchronization's Role in High Availability.

Implementing High Availability.

Frequently Asked Questions Regarding State Synchronization.

Error Messages That Occur with ClusterXL or State Synchronization.

Summary.



14. INSPECT.

What Is INSPECT?

Basic INSPECT Syntax 5

How Your Rulebase Is Converted to INSPECT.

Sample INSPECT Code.

Summary.



Appendix A. Securing Your Bastion Host.

Securing Solaris.

Securing Windows NT.

Securing Windows 2000.

Securing Linux.



Appendix B. Sample Acceptable Usage Policy.


Appendix C. firewall-1.conf File for Use with OpenLDAP v1.


Appendix D. firewal1.schema File for Use with OpenLDAP v2.


Appendix E. Performance Tuning.

Number of Entries Permitted in Tables.

Memory Used for State Tables.

Tweaks for Specific Operating Systems.



Appendix F. Sample defaultfilter.pf File.


Appendix G. Other Resources.

Internet Resources.

Software.



Appendix H. Further Reading.


Index.

商品描述(中文翻譯)

目錄:


常見問題。


前言。



本書的由來。



本書的內容和限制。



慣例。



致謝。




1. 防火牆介紹。



什麼是防火牆?



防火牆無法做到的事情。



防火牆安全技術概述。



FireWall-1 是什麼樣的防火牆?



你真的需要 FireWall-1 嗎?



更多資訊。




2. 計劃你的 FireWall-1 安裝。



網路拓撲。



制定全站安全策略。



玩轉 Check Point 授權。



總結。




3. 安裝 FireWall-1。



選擇作業系統。



安裝作業系統。



開始安裝 FireWall-1。



從 FireWall-1 4.1 升級。



總結。




4. 建立你的規則庫。



管理介面。



規則庫組件。



規則庫。



建立你的第一個規則庫。



常見問題。



故障排除。



總結。




5. 日誌和警報。



SmartView 狀態。



SmartView 追蹤器。



警報。



日誌維護。



總結。




6. 常見問題。



常見配置問題。



系統日誌中的常見錯誤訊息。



與服務相關的問題。



TCP 連線狀態檢查問題。



FTP 問題。



總結。




7. 遠端管理。



組件。



安全內部通訊。



特殊遠端管理條件。



遠端管理的功能。



移動管理模組。



高可用性管理模組。



故障排除遠端管理問題。



大規模管理問題。