NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Policy Server



Hi,
only a Firewall-Module may act as a Policy Server. This is because only over a
Gateway a user can authenticate and make a connection to the "other side" of the
Firewall, e.g. the internal net.
You define all objects (also Policy Server) and rules in the GUI, save the rules
etc. on the Management-Module - and the rules are compiled to act on the
Firewall-Module. So you can't define the Management-Module (with only one NIC)
as a Policy Server.
BTW - Securing the separated Management-Module with Secure Server is a good idea
- if an attacker "has" the Management-Module, he or she has the whole
Firewall-infrastructure.
Hope it helps,
best regards,
Matthias

Richard Marshall wrote:

> Hello,
>
> Could someone please explain to me what yo need to install to define a
> Policy Server for Secure Client. i already have a Secure Client license.
> When I try to define a policy server in the GUI it only gives me the option
> of defining it on a gateway. I would like to install it on the managment
> server. Do i need to install Secure Server on the managment server to do
> this?
>
> I can't find anything of use on either the checkpoint site (surprise...), or
> phoneboy.
>
> Any help would be much appreciated
>
> Rich
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

--
AERAsec Network Services and Security GmbH
Wagenberger Straße 1
D-85662 Hohenbrunn, Germany
http://www.aerasec.de

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.