CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Results 1 to 4 of 4

Thread: Newby question

  1. #1
    Join Date
    2007-11-13
    Posts
    5
    Rep Power
    0

    Default Newby question

    Hi Forum,

    I am completely new to the checkpoint enviroment and perhaps I am in the wrong area of the forum if so my appologies for this.
    Perhaps one of you could point me in the right direction.
    I have some doubts as to the function of the following.

    click...checkpoint dashboard >> nodes >> properties of the node >> general properties >> configure servers >> and check DNS >> click okay.
    What does this function do ?
    Hope you can help.
    Regards,
    Remco

  2. #2
    Join Date
    2006-12-16
    Posts
    539
    Rep Power
    15

    Default Re: Newby question

    This add's the box to the DNS servers view of Smart Defense.

  3. #3
    Join Date
    2007-11-13
    Posts
    5
    Rep Power
    0

    Default Re: Newby question

    Thanks for your reply.
    Reason for my asking being that I am receiving logging of dropped traffic by SD pertaining Invalid DNS >> reason DNS data to long. This has to do with a DNS zone transfer to a DNS from a 3rd party. I thought that by making my DNS node a DNS server from SD point of view I could avoid SD dropping the traffic. AM I right in assuming this?
    Once again I am new to Checkpoint coming from a Cisco environment.
    Thanks for your time.
    Remco

  4. #4
    Join Date
    2006-01-25
    Location
    Americas
    Posts
    1,535
    Rep Power
    17

    Default Re: Newby question

    Quote Originally Posted by Remcog View Post
    Reason for my asking being that I am receiving logging of dropped traffic by SD pertaining Invalid DNS >> reason DNS data to long. This has to do with a DNS zone transfer to a DNS from a 3rd party. I thought that by making my DNS node a DNS server from SD point of view I could avoid SD dropping the traffic. AM I right in assuming this?
    I believe by adding the DNS into this list you are subjecting it to *more* SD checks, not less. Try disabling your DNS SD checks and push your policy again--see if that helps.

Similar Threads

  1. Newby Question
    By Remcog in forum Miscellaneous
    Replies: 2
    Last Post: 2007-11-21, 04:30

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •