Search the Wiki

Viewing 41 to 50 of 151 items

Interfaces in Clavister FW

In every network device there is source and destination interface. In clavister there is also Core interface which refers to the clavister fw itself. cOS Core supports a number of interface types, which can be divided into the following four major groups: Ethernet Interfaces – Each Ethernet interface represents a physical Ethernet interface on a  Full Article…

Komentáře nejsou povolené u textu s názvem Interfaces in Clavister FW

ARP

Address Resolution Protocol (ARP) allows the mapping of a network layer protocol (OSI layer 3) address to a data link layer hardware address (OSI layer 2). In data networks it is used to resolve an IPv4 address into its corresponding Ethernet address. The ARP Cache in network equipment, such as switches and security gateways, is  Full Article…

Komentáře nejsou povolené u textu s názvem ARP

Security Policies

cOS Core security policies are configured by the administrator to regulate the way in which traffic can flow through the Clavister Security Gateway. Such policies are described by the contents of different cOS Core rule sets. These rule sets share a uniform means of specifying filtering criteria which determine the type of traffic to which  Full Article…

Komentáře nejsou povolené u textu s názvem Security Policies

TSHOOT – useful ping, other commands

The combination of the ICMP echo request and echo reply messages are known as ping. They provide a simple diagnostic tool to find out if a host is reachable. In the cOS Core CLI, the ping command provides this feature. However in cOS Core the ping tool can be used to test much more than  Full Article…

Komentáře nejsou povolené u textu s názvem TSHOOT – useful ping, other commands

Clavister Routing

The components of a Route Interface – Interface where is the destination network Network – destination network itself Gateway – next hop IP address Local IP Address – something like secondary ip address. You can specify this on your physical interface and FW will reply to ARP for this IP. Where it is useful? When  Full Article…

Komentáře nejsou povolené u textu s názvem Clavister Routing

Access Rules

Before a new connection is checked against the IP rule set, cOS Core checks the connection source against a set of Access Rules. Access Rules can be used to specify what traffic source is expected on a given interface and also to automatically drop traffic originating from specific sources. AccessRules provide an efficient and targeted  Full Article…

Komentáře nejsou povolené u textu s názvem Access Rules

Address Translation

cOS Core supports two types of translation: Dynamic Network Address Translation (NAT) Static Address Translation (SAT) Two types of cOS Core IP rules, NAT rules and SAT rules are used to configure address translation. NAT Dynamic Network Address Translation (NAT) provides a mechanism for translating original source IP addresses to a different address. Outgoing packets  Full Article…

Komentáře nejsou povolené u textu s názvem Address Translation

VPN

Before going deep to every VPN technology setup in cOS Core lets look on overview of common requirements: Define the Tunnel – Firstly we must define the tunnel itself. cOS Core has various tunnel object types which are used to do this, such as an IPsec Tunnel object. A Route Must Exist – Before any  Full Article…

Komentáře nejsou povolené u textu s názvem VPN

Introduction

Checkpoint technology implements something called SMART. It states for Security Mgmt. Architecture. This architecture implements different elements: Console or smart console PC – its the admin pc with all the smart dashboard and other applications to manage checkpoint Management Server – admin access first the management server, which is centralized management for all checkpoint FWs  Full Article…

Komentáře nejsou povolené u textu s názvem Introduction

Installing checkpoint

Make the exact checkpoint lab as on cbtnuggets is. In a LAB we will use: Distributed solution We will not use HA We will be in Routed mode As a topology we will use this: Installation of Gaia for first half is same for both FW and MGMT server. Then you choose that you want  Full Article…

Komentáře nejsou povolené u textu s názvem Installing checkpoint