CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 7 of 7

Thread: Security Management Platforms?

  1. #1
    Join Date
    2009-10-08
    Posts
    21
    Rep Power
    0

    Default Security Management Platforms?

    Tufin, Check Point, Secure Passage Firemon ...?

    What do you use - what's the background of your system (firewalls, consoles, etc) - what works well, what doesn't?

    Thanks,

    PC

  2. #2
    Join Date
    2007-04-10
    Location
    India
    Posts
    232
    Rep Power
    13

    Default Re: Security Management Platforms?

    It depends on you how you want to use the product, some products have webconsole and some have there own console, checkpoint is good product you can using it with evaluation licence.

  3. #3
    Join Date
    2009-10-08
    Posts
    21
    Rep Power
    0

    Default Re: Security Management Platforms?

    Yeah - we have about 125 firewalls, 4 consoles from R60-R70. About 150 policies! Some are 50 rules, some are 100's of rules.

    The firewall system has grown so fast - it's become unmanageable. Nodes, policies, etc. are a mismash of naming conventions, or none. We have no tools to tell us what nodes aren't used, what rules are hit the most, or not at all.

    We are re-evaluating our whole lifecycle - from userss submitting requests to review and approval, implementation, auditing, removal. It's all messed up - and sitting around, a lot of our pain points are surely addressed with some tools - and lo and behold - there are tools that can do reporting, auditing, etc.

    But which tools to get?

  4. #4
    Join Date
    2007-07-16
    Location
    a land down under!
    Posts
    2,015
    Rep Power
    15

    Default Re: Security Management Platforms?

    As I stated in a previous thread, Tufin's SecureTrack would help you a LOT in that environment. Not sure what region you're in, but PM me and I'll see if I can find the appropriate SE or Sales Rep in your region.

    I'd also echo the comment about P-1 - I think splitting your management with that many firewalls makes a lot of sense. All of this would of course be contigent on budget, but I think some small changes could supply you with big rewards.

  5. #5
    Join Date
    2005-08-29
    Location
    Upstate NY
    Posts
    2,720
    Rep Power
    17

    Default Re: Security Management Platforms?

    Yes, talk to Tufin and please talk to your SE (If you don't have a direct CHKP contact please PM me).

    One question, 125 firewalls and 150 policies?

  6. #6
    Join Date
    2009-10-08
    Posts
    21
    Rep Power
    0

    Default Re: Security Management Platforms?

    Quote Originally Posted by chillyjim View Post
    One question, 125 firewalls and 150 policies?
    I'm guesstimating - however, there are old policies no longer in use, old firewall nodes no longer in use, etc.

    We need some kind of tool to give us confidence as to what rules are hit, what aren't, where rules could be consolidated, what nodes are unused, etc.

    Thanks,

    PC

  7. #7
    Join Date
    2005-08-29
    Location
    Upstate NY
    Posts
    2,720
    Rep Power
    17

    Default Re: Security Management Platforms?

    Sounds like a combination of Tufin and Eventia Reporter would be good for you.

Similar Threads

  1. Security Management on 2 UTM-1 with SW R70
    By Hernan_Mella in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 3
    Last Post: 2010-03-26, 11:29
  2. Increasing R70 Security Management Server Speed
    By msmollin in forum Security Management Server (Formerly SmartCenter Server ((Formerly Management Server))
    Replies: 8
    Last Post: 2009-10-07, 12:48
  3. Migrate Endpoint Security Console Management
    By mjaramillo in forum Secure Access
    Replies: 3
    Last Post: 2009-01-26, 21:29
  4. who has Check Point NGX Security Administration Nokia IP Security Platforms" for sale
    By redbear in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 0
    Last Post: 2007-09-19, 16:13
  5. Comparing Different Platforms
    By Cruizin in forum Check Point SecurePlatform (SPLAT)
    Replies: 7
    Last Post: 2006-10-10, 08:05

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •