[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] SmartDefense or not
Greetings!
Jan Egeriis wrote:
I have been reading a little on the CheckPoint SmartDefense datasheet.
Basically it look very nice, but....
I am currently running FW-1 4.1 SP3 on Solaris 7, and I don't want to
upgrade either of them.
Will SmartDefense run on this platform?
[...]
There is already some IPSpoofing and SYN Flood defense in the basic
FW-1, so what I will pay for is:
- LANd
- IPFragmentation
- Illegal and Malformed Packets
- Port Scanning
- Service Scanning
You forgot to subtract the MAD (malicious activity detection) that's
built into CKP-FW1 (but not accessible from GUI).
MAD detects/defends:
- Syn-Attacks
- Spoofing attempts (for local interfaces, too)
- portscan detection
- blocked ports scan detection
- login failures
- fast repeated connects
- land attacks
So you're only left with
- IPFragmentation
- Illegal and Malformed Packets
Bye
Volker Tanger
IT-Security Consulting
--
discon gmbh
Wrangelstraße 100
D-10997 Berlin
fon +49 30 6104-3307
fax +49 30 6104-3461
[email protected]
http://www.discon.de/
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
