Contents
Important Information
SmartConsole Toolbars
Terms
Check Point Next Generation Security Gateway Solution
Overview of Firewall Features
How to Use this Guide
Components of the Check Point Firewall Solution
Mirror and Decrypt
Introduction to Mirror and Decrypt
Mirror and Decrypt Requirements
Configuring Mirror and Decrypt in Gateway mode
Preparing the Security Gateway
Configuring Mirror and Decrypt in SmartConsole
Configuring Mirror and Decrypt in VSX mode
Preparing the VSX Gateway
Configuring Mirror and Decrypt in SmartConsole for One Virtual System
Configuring Mirror and Decrypt in SmartConsole for Several Virtual Systems
Mirror and Decrypt Logs
ICAP Client
Introduction to ICAP
ICAP Client in Check Point Security Gateway
ICAP Client User Disclaimer
Configuring ICAP Client in Gateway mode
Configuring ICAP Client in VSX mode
The ICAP Client Configuration File
Example of the ICAP Client Configuration File
Advanced ICAP Client Configuration
Configuring Additional ICAP Response Headers for Enforcement
Configuring Additional HTTPS Status Code, which ICAP Client Sends in RESPMOD
Configuring Connection Timeout for ICAP Connections
Configuring ICAP Client Data Trickling Parameters
Hardware Security Module (HSM)
Why Use an HSM?
The Check Point Environment with Gemalto SafeNet HSM Appliance
Workflow for Setting Up Your HSM Environment
Step 1: Extracting the Gemalto Help Package
Step 2: Configuring the Gemalto HSM Appliance Server to Work with Check Point Security Gateway
Step 3: Configuring the Gemalto HSM Client Workstation
Step 4: Creating the CA Certificate on the Gemalto HSM Appliance Server
Step 5: Configuring the Check Point Security Gateway to Work with the Gemalto HSM Appliance Server
(A) Installing the Gemalto HSM Simplified Client Software Packages on the Check Point Security Gateway
(B) Establishing a Trust Link between the Check Point Security Gateway and the Gemalto HSM Appliance Server