Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Secure Configuration Verification

To: [email protected]
Subject: Re: [FW-1] Secure Configuration Verification
From: Benny Czarny <[email protected]>
Date: Thu, 10 Jul 2003 10:53:57 +0200
Comments: cc: "Yoni@Opswat. Com" <[email protected]>, Cyril Sultan <[email protected]>
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi ,


To your question
I believe that you did not move to Traditional Mode
Which is not the default - I'll be more then happy to send you a template
upon request

To your SCV Checking -

Please note that check point AV checking is very rudimentary
http://www.opswat.com/opstop_nav.html
or
http://www.opswat.com/opstop_norton/comparison%20for%20NAV.pdf

Regards
Benny
www.opswat.com

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Paul
Murphy
Sent: Thursday, July 10, 2003 3:39 PM
To: [email protected]
Subject: [FW-1] Secure Configuration Verification


Hello all,

I am using VPN-1 FP3 with SecureClient, and I am trying to complete an
SCV setup. At the moment, I have checks to ensure the SecureClient
build is up to date, and that Antivirus is running.

If either of these are not correct, then the SecureClient pops up a
message to the user stating what needs fixing - this bit works fine.
However, the client then successfully goes on to connect to the network
and has full access as defined by the Desktop Policy rules and the
Firewall rules.

Under FP2 and before you would have a "Client Encrypt" rule, that you
could set an option to state that the rule would only be in effect if
the Desktop Policy was correct. So enforce the Secure Configuration
Verification on a rule by rule basis.

However under FP3 the Client Encrypt is implied by the VPN defined in
the VPN Manager, and also in the Desktop Policy. Neither of these tabs
appears to have a way of defining which rules only be in place if the
Desktop is secure.

Can anyone tell me how I do this?

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- [FW-1] Secure Configuration Verification
  - From: Paul Murphy <[email protected]>

Prev by Date: Re: [FW-1] AW: [FW-1] More than 2 concurrnet ftp downloads from 1 site
Next by Date: [FW-1] LEA application make error
Previous by thread: [FW-1] Secure Configuration Verification
Next by thread: Re: [FW-1] Secure Configuration Verification
Index(es):
- Date
- Thread