I have been reading a little on the CheckPoint
SmartDefense datasheet. Basically it look very nice, but....
I am currently running FW-1 4.1 SP3 on Solaris 7,
and I don't want to upgrade either of them. Will SmartDefense run on this
platform?
http://www.checkpoint.com/products/protect/smartdefense_attack_defeated.html
says: Denial of Service DoS Attacks - SYN Flood - LANd IP Attacks
- IPSpoofing - IPFragmentation - Illegal and Malformed Packets
Web and Application Vulnerabilities - DNS Attacks - Protocol
Non-compliance - Application-specific Vulnerabilities - Trojan Horses
- Back Door and Remote Administration - Mobile Code (Java, _javascript_,
Active-X) - Hidden File Extensions Network Probing - Port Scanning
- Service Scanning
I need to have the original source ip adresses in
my webserver log files, so I cannot use the HTTP Security Servers because of the
proxy functionality. If I do not use the SmartDefense HTTP Security Servers,
I guess I will loose all the "Web and Application Vulnerabilities"
?!?
Then all this is left: - SYN Flood - LANd
- IPSpoofing - IPFragmentation - Illegal and Malformed Packets -
Port Scanning - Service Scanning
There is already some IPSpoofing and SYN Flood
defense in the basic FW-1, so what I will pay for is: - LANd -
IPFragmentation - Illegal and Malformed Packets - Port Scanning -
Service Scanning
Correct ??? Will it be totally overkill to buy
SmartDefense ??? Is there another product I should look at?
best regards Jan
|