[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Filtering Virus?
Hi, You said: #Current Firewall - Firewall Checkpoint v4-1 with SP3 running NT4SP5a #Since my office environment does not have anti-virus product for Exchange #and filtering products in placed yet, does Firewall has features to filter #anti-virus? Here are some 'quick and dirty' virus blocking tips: http://www.checkpoint.com/codered/index.html How Check Point Products Defeat Code Red and its Variants Above info can be used to block gone by blocking '*.scr', and other such bad file extentions....... Generally that is it...... If you have any AV at all, you can run this on the MS Exchange 'message store', you don't actually need MS Exchange specific AV, but it is nice. Generally organisations use a AV e-mail attach filter program that integrates with CheckPoint via CVP, but this means you must run the CheckPoint SMTP security server (mileage may vary), the best in this category, are the following products in order of terms of how robust: -TrendMicro -E-Safe However, its Generally best to use a SMTP AV host however, without CVP and FW-1 SMTP server, and just allow 'TCP 25' to the SMTP bastion host running either above two products or MailSweeper. MailSweeper lost OPSEC can't be used via CVP (or not certified) but since the whole CVP & SMTP security server issue is quite problematic, MailSwepper is fine stand alone. Set-up AV SMTP bastion host on a DMZ (seprate NIC off of firewall)....get a quad NIC card..or two..or three? and throw them into your firewall (approx 1K each...). Then forward mail internally to MS Exchange, and also run AV against Excchange 'message store' Hope that helps, good luck. -Bye Joe McGean Allianz, Ireland Security Team ******************************************************************** Please Note: Our e-mail address is now 'allianz.ie' Visit our website at http://www.allianz.ie Disclaimer : The information contained and transmitted in this e-mail is confidential information, and is intended only for the named recipient to which it is addressed. The content of this e-mail may not have been sent with the authority of the company. If the reader of this message is not the named recipient or a person responsible for delivering it to the named recipient, you are notified that the review, dissemination, distribution, transmission, printing or copying, forwarding, or any other use of this message or any part of it, including any attachments, is strictly prohibited. If you have received this communication in error, please delete the e-mail and destroy all record of this communication. Thank you for your assistance. ******************************************************************** ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] =================================================
|