Question on Authentication

[godspeedcapri]

I have come across the term 'Intersect with user database' which is found in the source & destination field of Action properties in a rule. I am confused with this term as it talks about location and user database. Could someone explain the same with a simple example.

Thanks in advance.

Cheers,
Godspeedcapri

[godspeedcapri]

Answering my own query(as long as it helps others too). I have found the explanation

Link: hxxp://www.checkpoint.com/support/technical/online_ug/authent.html


Source - Reconcile Source in the rule with Allowed Sources in the User Properties window.


The Allowed Sources field in the User Properties window may specify that the user to whom this rule is being applied is not allowed access from the source address, while the rule may allow access. This field indicates how to resolve this conflict.

Choose Intersect with User Database to apply the intersection of the access privileges specified in the rule and in the User Properties window.

Choose Ignore User Database to allow access according to the Source specified in the rule.

Example



Suppose a user's User Properties window lists the network objects Tower and BigBen under Allowed Sources. TABLE 1-2 summarizes the various access possibilities.

TABLE 1-2 Access Possibilities rule allows access from ... Source is Intersect with User Database Source is Ignore User Database

Tower The user is allowed access only from Tower, because only Tower is in both Allowed Sources and Source. The user is allowed access only from Tower, because only Tower is in Source.

Thames The user is denied access, because there is no network object that is in both Allowed Sources and Source. The user is allowed access only from Thames, because only Thames is in Source.



Destination - Reconcile Destination in the rule with Allowed Destinations in the User Properties window.


The Allowed Destinations field in the User Properties window may specify that the user to whom this rule is being applied is not allowed access to the destination address, while the rule may allow access. This field indicates how to resolve this conflict.

Choose Intersect with User Database to apply the intersection of the access privileges specified in the rule and in the User Properties window.

Choose Ignore User Database to allow access according to the Destination specified in the rule.

Cheers,
Godspeedcapri

[raghavendra]

Hi i Passed ccsa NGx 10 days back with 77% there is lot of new questions, don't rely on dumps Study every thing word by word and understand.
Questions on smartdefence and webintelligence had lot of questions.
i manged to get 50% in NAT.

Authentication questions are easy,

Studied
the Checkpoint Documents (from website)
Syngress book
Couse book
Tk

[raghavendra]

Study the following topics
1.Smart defece-full
2.Web intelligence-full
3.Nat-Static,hide,port translation,
4.Authentication-User,client
5.Backup-Study the checkpoint course book(every question from this book only)
6.Ldap-Study the checkpoint course book(every question from this book only)

[cyberbastion]

Quote:

Originally Posted by raghavendra

Study the following topics
....
5.Backup-Study the checkpoint course book(every question from this book only)
6.Ldap-Study the checkpoint course book(every question from this book only)

Hello,
where did you get the checkpoint course book?
Thanks

btw, I found check point official website having some information about LDAP
http://www.checkpoint.com/support/te...march.htm#5205
and CheckPoint_R61_SmartCenter_UserGuide.pdf

[raghavendra]

Hi,

If u join any offical check pint course in any institute there u will get offical course book in that ldap is contains all theory and practicals.

[cyberbastion]

Quote:

Originally Posted by raghavendra

Hi,

If u join any offical check pint course in any institute there u will get offical course book in that ldap is contains all theory and practicals.

ic, it seems no hope to get the course book.
in addition, did you read for the check point official R61 doc such as "CheckPoint_R61_Firewall_SmartDefense_UserGuide.pd f",
"CheckPoint_R61_SmartCenter_UserGuide.pdf" and etc..
Thanks