[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SmartDefense or not
))> I have been reading a little on the CheckPoint SmartDefense ))datasheet. ))> Basically it look very nice, but.... ))> ))> I am currently running FW-1 4.1 SP3 on Solaris 7, and I ))don't want to ))> upgrade either of them. Will SmartDefense run on this platform? ))> ))[...] )) ))> ))> There is already some IPSpoofing and SYN Flood defense in the basic ))> FW-1, so what I will pay for is: ))> - LANd ))> - IPFragmentation ))> - Illegal and Malformed Packets ))> - Port Scanning ))> - Service Scanning )) )) ))You forgot to subtract the MAD (malicious activity detection) ))that's built into CKP-FW1 (but not accessible from GUI). MAD ))detects/defends: )) - Syn-Attacks )) - Spoofing attempts (for local interfaces, too) )) - portscan detection )) - blocked ports scan detection )) - login failures )) - fast repeated connects )) - land attacks )) ))So you're only left with )) - IPFragmentation )) - Illegal and Malformed Packets )) Plus Security Server issues like how long a valid URL can be, if only ASCII code is allowed, how many mx lookups the firewall catch, if the recipient should have a valid domain and more, also related to other services. I'm not sure, but a lot of these settings are already known and available through dbedit or GUI-dbedit in the firewall database. A part of Smartdefense includes MAD (section called successive Events. The service works only under NG and is free. You'll pay only the subscription for future exploits which should the firewall detect. SAM ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|