[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Secure Configuration Verification
Hi , To your question I believe that you did not move to Traditional Mode Which is not the default - I'll be more then happy to send you a template upon request To your SCV Checking - Please note that check point AV checking is very rudimentary http://www.opswat.com/opstop_nav.html or http://www.opswat.com/opstop_norton/comparison%20for%20NAV.pdf Regards Benny www.opswat.com -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]]On Behalf Of Paul Murphy Sent: Thursday, July 10, 2003 3:39 PM To: [email protected] Subject: [FW-1] Secure Configuration Verification Hello all, I am using VPN-1 FP3 with SecureClient, and I am trying to complete an SCV setup. At the moment, I have checks to ensure the SecureClient build is up to date, and that Antivirus is running. If either of these are not correct, then the SecureClient pops up a message to the user stating what needs fixing - this bit works fine. However, the client then successfully goes on to connect to the network and has full access as defined by the Desktop Policy rules and the Firewall rules. Under FP2 and before you would have a "Client Encrypt" rule, that you could set an option to state that the rule would only be in effect if the Desktop Policy was correct. So enforce the Secure Configuration Verification on a rule by rule basis. However under FP3 the Client Encrypt is implied by the VPN defined in the VPN Manager, and also in the Desktop Policy. Neither of these tabs appears to have a way of defining which rules only be in place if the Desktop is secure. Can anyone tell me how I do this? ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|