 | ||
 Nortel Alteon Firewalls | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2006-05-15 | |||
| |||
 Nortel Alteon Firewalls Hi, Can anyone share some useful Informative guides on Nortel ASF. I am looking for information like..... ways to manage the firewall, some example scenarios, what all logging should be enabled for the firewall, what configuration should be of the Smart Centre Server from where I would be managing the Firewall. If anyone has this info then please respond @ the earliest. You can also send me a personal e-mail. Thanks, Ruchir  |
| 2006-05-15 | |||
| |||
| Re: Nortel Alteon Firewalls The Nortel ASF/NSF firewalls have a http/https and telnet/SSH interface that allow you to manage the firewalls very easily. most if not all of the functionality found in the command line interface can be managed through the web interface. I currently have a distributed installation and use SPLAT on an HP DL360 as my SmartCenter Server. I am adding a second NSF 5114 for clustering in the next few months. I am not using the accelerator piece (Director) for the clustering. I am fairly happy with the 5114s I have not had any major problems with them and they are very easy to configure. Additional information on the Nortel ASF/NSF can be found here: Nortel 5100 series: http://www.nortel.com/products/01/al...l/nn110160.pdf Nortel 6000 series: http://www.nortel.com/products/01/al...l/nn110161.pdf Russ Aspinwall CCSA, CCSE astinius1@yahoo.com |
| 2006-05-17 | |||
| |||
| Re: Nortel Alteon Firewalls Hi Russ, Thanx for your response..... This is the first time I would be doing the installation of these mostly 5111 and few 6616, till now I have had no trng on these FW's so I was looking some information on how to go about for these installations viz: 1) What all things would be required for the FW installation like CD, SmartCenter etc. 2) What all important logs should be logged. 3) What should be my server config where I would b doing the log process. I am from NetScreen, Sonicwall, PIX and bit of Checkpoint background Juniper had very nice Manual which consisted of all the info from scratch to configuration of the FW's with examples. Can you share some info/manual with me. I have added you to my IM. Do lemme know if you have such information. Rgds, Ruchir NCSA, NCSP, JNCIA, JNCIW, CCSA, CCSP |
| 2006-05-18 | |||
| |||
| Re: Nortel Alteon Firewalls Ruchir, 1. You will need to download the Nortel ASF/NSF images for the appropriate hardware and software rev. (NG, NG AI or NGx) from Check Point's website. You will also need the original Check Point software CDs if you are going to have a distributed installation (I used SPLAT for my management station instead of having that load put on the ASF). 2. I'm not sure what you are asking for here, do you want to know what Check Point rules to log? I usually log all of my rules (except for noisy traffic that I drop that i don't want to see, NBT, etc...) I do this because my auditing depart likes to see it. 3. I set my logs up to go to my external management server, it takes a load off the firewall and is faster to sort through them. I have my logs set to rotate every evening at 12:00. I have all of the version 2.3.3 ASF/NSF manuals in PDF form, send me an e-mail in and I will forward them to you. I would recommend that you sign up for an account with Nortel and associate it with you Nortel support contract so that you get access to all of the appropriate documentation and software for your ASF/NSFs. Russ Aspinwall CCSA, CCSE astinius1@yahoo.com |
| 2006-05-19 | |||
| |||
| Re: Nortel Alteon Firewalls Hi Bro, 1) I would be getting the CD's of Checkpoint software for the installation you have mentioned SPLAT, what exactly is this SPLAT... does that refer to managing the Firewall remotely using a Management Server/Station. 2) Yes I wanted to know what are the important FW logs that I should be more concerned off. Ross as you say that "I set my logs up to go to my external management server, it takes a load off the firewall and is faster to sort through them. I have my logs set to rotate every evening at 12:00" can you please share what is the configuration of your server where you are logging these logs (Storage Capacity, RAM, Processor speed etc) and you rotate these logs what I infer is that you trans fer these logs to some other storage location am I correct in my understanding. 3) You can send the mails to itsruchirhere@yahoo.com and share the manuals... that will be a great help.... I have also added you to my IM, I am trying to get the Nortel Login, in the mean time if you can share the manuals that will be helpful. Thanks, Ruchir NCSA, NCSP, JNCIA, JNCIW, CCSA, CCSP |
| 2006-05-22 | |||
| |||
| Re: Nortel Alteon Firewalls 1. SPLAT is Secure Platform, Check Point's own hardened operating system. Read about it here: http://www.checkpoint.com/products/d..._datasheet.pdf 2. My logs are stored on my SPLAT SmartCenter server, it's a HP DL360 G3 with 2 P4 processors and 2 Gb of RAM, it has (2) 80 Gb hard drives. My average log file size is 350Mb a day. You can setup log roatation by editing your log server (in my case SmartCenter server) object, selecting "logs and masters" Check the box next to "Schedule log switch to:" and selecting "midnight" (or whatever time you want to change them to, you would have to create a time object for anything other than midnight though). Clikc "OK" and push you policy. You Firewall logs are then rolled over and begin new for the next day. 3. Manuals will be on their way shortly. __________________ Russ Aspinwall CCSA, CCSE |
| 2006-05-22 | |||
| |||
| Re: Nortel Alteon Firewalls Quote:
|
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
