Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1]

To: [email protected]
Subject: Re: [FW-1]
From: "Roelandts, Guy" <[email protected]>
Date: Mon, 11 Feb 2002 15:58:25 +0100
Comments: cc: [email protected]
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>
Thread-index: AcGWdUUHh60JGmI4Qx6T2UXKKdsEIAclmL4w
Thread-topic: [FW-1]

Fred,

About the management aspect, it all depends on the kind of license you have. If you already have an Enterprise

license you will be able to manage several Firewall modules. You will also be able to run the Management part from

the Firewall module himself or separate the Management and the Module.

With regards to the download of the security policy, the data should be encrypted, so no need to create a VPN rule

for this, unless you modified the standard configuration files. Further more the Implied Rules include security policy

rules allowing two modules to talk to each other. What I tend to do is disabling those Implied Rules and define my

own ones, allowing me to better define what is needed and what should be dropped.

Met vriendelijke groeten - Bien à vous - Kind regards
Guy ROELANDTS
EMEA GS Internet Expertise Centre - CCSA & CCSE
Compaq Software Engineer - Belgium
E-mail : [email protected]
Tel: +32(02)729.77.44 (options 3 - 3 - 1)
Fax: +32(02)729.77.65
==========================================================
This message may contain confidential and/or proprietary information,
and is intended only for the person/entity to whom it was originally
addressed. The content of this message may contain private views and
opinions which do not constitute a formal disclosure or commitment
unless specifically stated. Should you receive this message by mistake
please inform the sender immediately.
==========================================================

-----Original Message-----
From: Katsumi, Fred [mailto:[email protected]]
Sent: 06 January 2002 06:45
To: [email protected]
Subject: [FW-1]

Hi,

I have a fairly basic question hopefully. Currently I manage a singe gateway FW1 4.1SP5 on NT. I'm planning to connect a remote site with another FW1 via VPN and want to manage both firewalls from here (central site). Can this still be done with a single gateway or do I need to separate it into a firewall and management modules? Also, I'm not sure how I can push the policy to the remote firewall over the internet without VPN. Do I need to create a rule for installing the policy to both firewalls? An example would be helpful.

Thanks.
Fred

================To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================If you have any questions on how to change your subscription options, email [email protected] ================

Prev by Date: [FW-1] AW: [FW-1] NAT and "too many internal hosts"
Next by Date: Re: [FW-1] Problem using SecuRemote Over NAT'ed connection
Previous by thread: Re: [FW-1]
Next by thread: [FW-1]
Index(es):
- Date
- Thread