|
I have been reading a little on the CheckPoint
SmartDefense datasheet. Basically it look very nice, but....
I am currently running FW-1 4.1 SP3 on Solaris 7,
and I don't want to upgrade either of them.
Will SmartDefense run on this
platform?
http://www.checkpoint.com/products/protect/smartdefense_attack_defeated.html
says:
Denial of Service DoS Attacks
- SYN Flood
- LANd
IP Attacks
- IPSpoofing
- IPFragmentation
- Illegal and Malformed Packets
Web and Application Vulnerabilities
- DNS Attacks
- Protocol
Non-compliance
- Application-specific Vulnerabilities
- Trojan Horses
- Back Door and Remote Administration
- Mobile Code (Java, _javascript_,
Active-X)
- Hidden File Extensions
Network Probing
- Port Scanning
- Service Scanning
I need to have the original source ip adresses in
my webserver log files, so I cannot use the HTTP Security Servers because of the
proxy functionality.
If I do not use the SmartDefense HTTP Security Servers,
I guess I will loose all the "Web and Application Vulnerabilities"
?!?
Then all this is left:
- SYN Flood
- LANd
- IPSpoofing
- IPFragmentation
- Illegal and Malformed Packets
-
Port Scanning
- Service Scanning
There is already some IPSpoofing and SYN Flood
defense in the basic FW-1, so what I will pay for is:
- LANd
-
IPFragmentation
- Illegal and Malformed Packets
- Port Scanning
-
Service Scanning
Correct ???
Will it be totally overkill to buy
SmartDefense ???
Is there another product I should look at?
best regards
Jan
| 
