|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] CheckPoint RealSecure Intrusion detection Ver 5.0
The engine is basically a sniffer with a database sitting behind it. The system usually has two NIC's(but doesn't have to), one to communicate to the RS mgt station and one without an IP address and monitors the suspect network.That box will be very busy and you really want it sitting all alone. This way it will hopefully have the horsepower to do what it was designed to do, work it's butt off processing each and every packet. Yes, the console can live with the fw mgt console. If either system(FW1 mgt/RS mgt) becomes very busy, you could end up losing important logs(basically a DOS of your management system(s)). Robert - - Robert P. MacDonald, Network Engineer Team Lead, e-Business Infrastructure G o r d o n F o o d S e r v i c e Voice:email: [email protected] >>> <[email protected]> 11/23/00 5:46:14 AM >>> > >I asked a question about this recently - it appears that the confusion is >in that the Management Console for both fw and RS can reasonably reside on >same box (firewall) but the RealSecure engine needs to be on different box >? i.e.:- > >Box 1 (NT/Nokia/Solaris(whatever):- > >Software = 1. Firewall-1(or VPN-1), 2. FW-1 Man. Console, 3. RealSecure >Man. Console > >Box 2 (whatever):- > >Software = RealSecure Engine > >Does this look right Tim or would you not even run the Management Consoles >on the same box - any other views ? > >Tim Higgins > > Tim Cullen <[email protected]> > Sent by: To: [email protected] > [email protected] cc: > kpoint.com Subject: RE: [FW1] CheckPoint RealSecure Intrusion >detection Ver 5.0 > >I'm sorry I am going to have to say this, >Never, I will repeat, Never put anything on the firewall! The firewall >should be a stand alone box with the only purpose in life of inspecting the >incoming packets. > >-----Original Message----- >From: Frank Darden [mailto:[email protected]] >Sent: Monday, November 20, 2000 5:55 PM >To: 'Hamlyn, Stewart'; [email protected] >Subject: RE: [FW1] CheckPoint RealSecure Intrusion detection Ver 5.0 >Importance: High > >Do not install RealSecure on the Firewall!! > >-----Original Message----- >From: Hamlyn, Stewart [mailto:[email protected]] >Sent: Monday, November 20, 2000 2:15 PM >To: [email protected] >Subject: [FW1] CheckPoint RealSecure Intrusion detection Ver 5.0 > >Hi, > >I installed CheckPoint RealSecure Ver 5.0 on a SUN running Solaris 2.6, 1GB >memory, dual processors with CheckPoint 2000 FW-1 (SP2) and Floodgate-1 >(SP2). It seems when the traffic load increased the server would core dump >and reboot. I removed RealSecure Manager and the problem has gone away. > >Has anyone had problems like this with RealSecure or tried it and found >that >it works OK? > >Thanks in advance, >Stew ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
