firewall+interview+faq
TRANSCRIPT
1.
What is firewall?
A firewall is a hardware or software installed to provide security to the
private networks connected to the internet. They can be implemented in
both hardware and software, or a combination of both. All data
entering or leaving the Intranet passes through the firewall which allows
only the data meeting the administrators’ rules to pass through it.
2.
What are the types of firewalls?
1. Packet Filtering Firewall: This type of Firewall detects packets
and block unnecessary packets and makes network traffic
release.
2. Screening Router Firewalls: It's a software base firewall
available in Router provides only light filtering.
3. Computer-based Firewall: It's a firewall stored in server with
an existing Operating System like Windows and UNIX.
4. Hardware base Firewall: Its device like box allows strong
security from public network. Mostly used by big networks.
5. Proxy Server: Proxy server allows all clients to access Internet
with different access limits. Proxy server has its own firewall
which filters the all packet from web server.
3.
What is Pix Firewall Security? How does it differ from a
firewall?
CISCO pix firewall security is stateful firewall. It uses ASA Technology.
4.
What can't a firewall protect against?
Firewalls can't protect against attacks that don't go through the firewall.
Many corporations that connect to the Internet are very concerned about
proprietary data leaking out of the company through that route.
Unfortunately for those concerned, a magnetic tape can just as effectively be
used to export data. Many organizations that are terrified (at a management
level) of Internet connections have no coherent policy about how dial-in
access via modems should be protected.
5.
Will IPSEC make firewalls obsolete?
IPSEC (IP Security) refers to a set of standards developed by the Internet
Engineering Task Force (IETF). There are many documents that collectively
define what is known as ``IPSEC'' [4]. IPSEC solves two problems
which have plagued the IP protocol suite for years: host-to-host
authentication (which will let hosts know that they're talking to the
hosts they think they are) and encryption (which will prevent
attackers from being able to watch the traffic going between
machines).
6.
What is a network firewall?
A firewall is a system or group of systems that enforces an access
control policy between two networks. The actual means by which this is
accomplished varies widely, but in principle, the firewall can be thought of as
a pair of mechanisms: one which exists to block traffic, and the other
which exists to permit traffic. Some firewalls place a greater emphasis on
blocking traffic, while others emphasize permitting traffic.
Probably the most important thing to recognize about a firewall is that it
implements an access control policy. If you don't have a good idea of what
kind of access you want to allow or to deny, a firewall really won't help you.
It's also important to recognize that the firewall's configuration, because it is
a mechanism for enforcing policy, imposes its policy on everything behind it.
Administrators for firewalls managing the connectivity for a large number of
hosts therefore have a heavy responsibility.
7.
What is synchronization and why is it important?
With respect to multithreading, synchronization is the capability to control
the access of multiple threads to shared resources. Without synchronization,
it is possible for one thread to modify a shared object while another thread is
in the process of using or updating that object's value. This often leads to
significant errors.
8.
What are the critical resources in a firewall?
1. Service Critical Resource
2. Email
3. Disk I/O
4. Netnews Disk I/O
5. Web Host
6. OS Socket Performance
7. IP Routing Host OS Socket Performance
8. Web Cache
9. Host OS Socket Performance, Disk I/O
9.
What are some common attacks, and how can I protect my
system against them?
Each site is a little different from every other in terms of what attacks are
likely to be used against it. Some recurring themes do arise, though.
10.
What is the difference between gateway and firewall?
A network gateway joins two networks together through a
combination of hardware and software. A network firewall guards a
computer network against unauthorized incoming or outgoing
access. Network firewalls may be hardware devices or software
programs.
11.
What is the difference between router ACLs and Firewall ACLs?
Fundamental purpose:
1. Routers are designed to route traffic, not stop it.
2. Firewalls are designed to examine and accept/reject traffic. But
the both ACL are do the same job. Depending upon our
requirements we do our ACL configuration on it.
12.
A trace route command work across the firewall? why?
Trace route is based on ICMP type 30 under Windows and UDP under NIX;
trace route packets that would hit the firewall should be dropped similarly
any echo replay coming from inside the firewall should be restricted
outbound.
13.
Can you define Packet filtering?
Packet filtering is the process of passing or blocking packets at a
network interface based on source and destination addresses, ports,
or protocols. The process is used in conjunction with packet mangling
and Network Address Translation (NAT). Packet filtering is often part of
a firewall program for protecting a local network from unwanted intrusion.
The packet filter examines the header of each packet based on a
specific set of rules, and on that basis, decides to prevent it from
passing (called DROP) or allow it to pass (called ACCEPT).
14.
Can you explain circuit level gateway?
The circuit level gateway firewalls work at the session layer of the
OSI model. They monitor TCP handshaking between the packets to
determine if a requested session is legitimate. And the information
passed through a circuit level gateway, to the internet, appears to
have come from the circuit level gateway. So, there is no way for a
remote computer or a host to determine the internal private ip
addresses of an organization, for example. This technique is also called
Network Address Translation where the private IP addresses
originating from the different clients inside the network are all mapped to
the public IP address available through the internet service provider and
then sent to the outside world (Internet). This way, the packets are tagged
with only the Public IP address (Firewall level) and the internal private IP
addresses are not exposed to potential intruders.
15.
Can you explain stateful inspection?
Stateful inspection, also known as dynamic packet filtering, is a
firewall technology that monitors the state of active connections and
uses this information to determine which network packets to allow
through the firewall. Stateful inspection has largely replaced an older
technology, static packet filtering. In static packet filtering, only the headers
of packets are checked -- which means that an attacker can sometimes get
information through the firewall simply by indicating "reply" in the header.
Stateful inspection, on the other hand, analyzes packets down to the
application layer. By recording session information such as IP addresses and
port numbers, a dynamic packet filter can implement a much tighter security
posture than a static packet filter can.
16.
Can you explain the concept of demilitarized zone?
The concept of the DMZ, like many other network security concepts, was
borrowed from military terminology. Geopolitically, a demilitarized zone
(DMZ) is an area that runs between two territories that are hostile to one
another or two opposing forces' battle lines. The DMZ likewise provides a
buffer zone that separates an internal network from the often hostile
territory of the Internet. Sometimes it's called a "screened subnet" or a
"perimeter network," but the purpose remains the same.
17.
What is Application level Gateway?
An application layer gateway (ALG) is a feature on ScreenOS gateways
that enables the gateway to parse application layer payloads and take
decisions on them. Although there are other ScreenOS features, such as
deep inspection, in which the gateway inspects traffic at the application
layer, ALGs are typically employed to support applications that use the
application layer payload to communicate the dynamic Transmission Control
Protocol (TCP) or User Datagram Protocol (UDP) ports on which the
applications open data connections. Such applications include the File
Transfer Protocol (FTP) and various IP telephony protocols. The dynamic
TCP, UDP, or other ports that are opened by the ScreenOS gateway to
permit these data or secondary channels are referred to as pinholes, and are
active strictly for the duration of activity on the data channel.
18.
Can you explain the concept of demilitarized zone?
The concept of the DMZ, like many other network security concepts, was
borrowed from military terminology. Geopolitically, a demilitarized zone
(DMZ) is an area that runs between two territories that are hostile to one
another or two opposing forces' battle lines.
The DMZ likewise provides a buffer zone that separates an internal network
from the often hostile territory of the Internet. Sometimes it's called a
"screened subnet" or a "perimeter network," but the purpose remains the
same.
19.
What is the meaning of bastion host?
A bastion host is a specialized computer that is deliberately exposed on a
public network. From a secured network perspective, it is the only node
exposed to the outside world and is therefore very prone to attack. It is
placed outside the firewall in single firewall systems or, if a system has two
firewalls, it is often placed between the two firewalls or on the public side of
a demilitarized zone (DMZ).
The bastion host processes and filters all incoming traffic and
prevents malicious traffic from entering the network, acting much
like a gateway. The most common examples of bastion hosts are
mail, domain name system, Web and File Transfer Protocol (FTP)
servers. Firewalls and routers can also become bastion hosts
20.
What are types of firewall architecture ?
1. Screening Router Architecture
2. Dual-Homed Host Architecture
3. Screened Host Architecture
4. Screened Subnet Architecture
21.
Explain about Screening Router Architecture?
In this architecture a firewall consists of nothing more than a screening
router. Host on the Local Network and hosts on the Internet are allowed to
communicate directly. The communication is restricted to the type that is
allowed by a screening router. The security of the whole Local Network
depends on the correct ACL of the router and on the amount of services
permitted.
22.
Circuit level gateway advantages and disadvantages?
The following are the advantages of Circuit Level Gateways:
1. Private network data hiding
2. Avoidance of filtering individual packets
3. Flexible in developing address schemes
4. Don't need a separate proxy server for each application
5. Simpler to implement
The following are the disadvantages of Circuit Level Gateways:
1. Active content cannot be scanned or disallowed commands.
2. Can only handle TCP connections – new extensions proposed for
UDP
3. TCP/IP stacks are mandatorily be modified by vendor for using CL
Gateways.
23.
What is IP spoofing and how can it be prevented?
IP spoofing is a mechanism used by attackers to gain unauthorized access
to a system. Here, the intruder sends messages to a computer with an IP
address indicating that the message is coming from a trusted host. This is
done by forging the header so it contains a different address and make it
appear that the packet was sent by a different machine. Prevention:-
1. Packet filtering: - to allow packets with recognized formats to
enter the network
2. Using special routers and firewalls
3. Encrypting the session
24.
What is the use of area and perimeter?
A lot of times, area and perimeter is used to help with a lot of home
improvement projects like carpeting and hardwood flooring and painting.
This is used to help give a good estimate of how much material you would
need for these sort of projects. To find out what the outside of the shape is
(perimeter), and to find out the inside size (area).
25.
Can you explain screened subnet architecture?
A screened subnet (also known as a "triple-homed firewall") is a
network architecture that uses a single firewall with three network
interfaces.
The purpose of the screened subnet architecture is to isolate the DMZ and its
publicly-accessible resources from the intranet, thereby focusing external
attention and any possible attack on that subnet. The architecture also
separates the intranet and DMZ networks, making it more difficult to attack
the intranet itself. When a properly configured firewall is combined with the
use of private IP addresses on one or both of these subnets, attack becomes
that much more difficult.
26.
Can you explain screened host architecture?
screened host architecture is a lower-security, lower-cost alternative to the
screened subnet architecture discussed in the previous sections. The
screened host architecture is often used by very small sites that are facing
significant cost constraints.
In a screened host architecture, there is no perimeter net, no interior router,
and often no bastion host per se. (Obviously, there is a host that the outside
world talks to, but this host is often not dedicated solely to that task.) What
you have instead is a single router (most analogous to the exterior router in
the dual-router screened subnet architecture) and a services host that
provides Internet services to internal and external clients (and is often used
for other tasks as well).
The router is there to protect and control access to the internal net, and the
services host is there to interact with the outside world, much like a bastion
host. We call it a services host, rather than a bastion host, because it's often
fulfilling many other roles. For example, it's probably the mail server, Usenet
news server, and DNS server for the site; it might possibly be a file server,
print server, and so on, as well; it might even be the only machine the site
has.
27.
Can you explain dual home architecture?
In this architecture a firewall consists of Dual-Homed Host machine
(machine having two or more IP addresses each for specific physical
port). One port of the machine connects to the Local Network and the other
port/ports connect to the Internet. The IP datagram forwarding is turned off
on the Dual-Homed Host machine, thus there is no direct TCP/IP connection
between the Local Network and the Internet.
You permit communication between Local Network and the Internet in either
of two ways:
1. Users on the Local Network are given accounts on the Dual-
Homed Host machine. In order to use Internet services the must
rlogin on the Dual-Homed Host machine. The fact that you allow
accounts on the machine weakens its security greatly (it now
depends on each user and user that have access to it, more
correctly it depends on the users' ability to choose "strong"
passwords). Once the outsider succeeds to rlogin on the Dual-
Homed Host machine he/she can access the entire Local Network.
2. Dual-Homed Host runs proxy program for each service you want
to permit, thus there is no more need for users to rlogin to the
machine in order to access the Internet. They can communicate
via proxy software.
The only host that can be accessed and thus attacked from the
Internet is the Dual-Homed host machine. Thus it must have
much greater level of security than the ordinary host on the Local
Network. The excessive logging and auditing of system state
must be performed, only secure software and necessary software
installed and so on. This architecture is much more secure than
the Screening Router Architecture. But still once the Dual-Homed
Host is subverted the entire Local Network is vulnerable to attack.
28.
What is Routing table?
A routing table stores the routes of the various nodes in a network. Nodes
can be any electronic device connected to the network. The table is usually
stored in a router or the network computer as a database or file. This
information helps to found the best possible path. The routing table has at
least 3 fields: the destination network id, cost of the path, next hop or
address to send the packet.
29.
What is Routing Protocols?
Routing protocols are used to assist in achieving the basic purpose of
routing. They specify the routers the method to communicate with each
other. They help the routers select the best possible path between nodes.
There are different types of protocols such as link-state routing protocols,
path vector protocols and distance vector routing protocols. These protocols
prevent routing loops to form or break if formed already. They help to decide
preferred routes from a sequence of hop costs.
30.
What is SNMP (Simple Network Management Protocol)?
SNMP or Simple Network Management Protocol is typically used for
managing the network. Managing the network includes managing the nodes
present in the network. These nodes may be server, routers, bridges and
hubs. SNMP agents are used to achieve this. Managing the network is
essential because it helps to monitor network performance, detect network
faults or failures, audit network usage etc. the SNMP messages like TRAP,
GET or SET may be invoked by network elements or network management
system.
31.
What is POP3 (Post Office Protocol 3)?
POP3 or Post Office Box 3 is used for receiving emails. It is a client
server protocol which holds the email. Once the email is downloaded
from the server, POP3 deletes it from the server. Ordinal numbers are
used to identify specific messages.
32.
What is NNTP (Network News Transfer Protocol)?
NNTP or Network News Transfer Protocol is used to manage the notes
posted on Unset newsgroup (a collection of posted notes on a subject posted
by different users). NNTP servers are responsible for managing Usenet
newsgroup collected globally. A NTTP client is a part of the web browser also
called as a news reader. It uses a reserve port no 119.
33.
What is HTTP (Hypertext Transfer Protocol)?
HTTP or Hyper Text Transfer Protocol is provides a set of rules to
transfer files, videos, images over the world wide web. When the web
browser is opened, a HTTP request call is made. A web server
contains a HTTP daemon. This daemon is used to wait for HTTP
requests and handle them when they arrive. The web browser from
where HTTP requests are made is called as a client. These requests
are sent to the server. It uses a reserved port no 80.
34.
What is IGMP protocol?
Internet Group Management Protocol, allows internet hosts to multicast.
i.e. to send messages to a group of computers. There may be a group of
internet hosts interested to multicast. IGMP allows router to determine which
host groups have members on a given network segment. It helps to
establish group memberships. It is commonly used for streamlining videos
and gaming. The protocol can be implemented both as a host side and
router side. The host side is responsible to notify its membership in a group.
The notification is made to a local router. This local router (router side) in
turn sends out queries.
35.
What is NetBIOS protocol?
NetBIOS (Network Basic Input/output System) Protocol allows
applications on separate computers to communicate over a LAN. It runs over
TCP/IP giving each computer in the network a NetBIOS name and IP
address. E.g. It can be used for computers running Windows 2000 (or
before) to join a computer network running Windows 2000 (or later).
36.
What is Data encryption?
Data encryption ensures data safety and very important for confidential or
critical data. It protect data from being read, altered or forged while
transmission.
37.
What is the Public Key Encryption?
Public key encryption use public and private key for encryption and
decryption. In this mechanism, public key is used to encrypt messages and
only the corresponding private key can be used to decrypt them. To encrypt
a message, a sender has to know recipient's public key.
38.
Define Digital Signatures.
Digital signature is an attachment to an electronic message used for security
purpose. It is used to verify the authenticity of the sender.
39.
What is CSMA and CD concept?
In CSDA (carrier sense multiple access), presence of any digital signal in a
network is checked before transmission. Data transmission occurs only when
no signal is sensed. CD, Collision detection is responsible for monitoring
carrier in order to avoid signal jam.
40.
What is Ethernet technology?
Ethernet technology is a high speed broadcast bus technology. In this type,
all the station shares a single ether channel and receives every single
transmitted signal.
5 Interview Questions for Firewall Engineers
Your ability to secure data using the right mix of hardware and software is critical
to a company’s operations, and even its bottom line. Among the most important
things recruiters and hiring managers look for during an interview seems basic:
technical competence.
At the same time, they want to see that you can fit into the corporate culture.
That’s the kind of thing many tech people struggle to demonstrate.
This means you can expect your interview to cover areas that seem to have little
relation to one another. So be ready to shift gears quickly as the conversation
goes on. Here are some of the questions you should be ready to field.
What’s the size of your network?
What you should say: Your answer depends on who’s asking the question.
For example, if it’s a technical person conducting the interview, you might
want to answer in terms of nodes. However the idea of a 1,300-node network
probably won’t mean anything to a businessperson. For an executive or
someone in sales, it’s better to say you have 1,500 users.
Why you should say it: You want to qualify your audience. Before you
answer, be sure you understand how it will resonate with the person who’s
asking. If that executive doesn’t know what you’re talking about, he’s got no
basis on which to judge some of your critical experience. Bottom line: Know
your audience.
What’s the most successful firewall project you’ve worked on? What was
your role?
What you should say: If you’re a senior engineer, managers want to hear
that you led the project and designed it, not that you just did what you were
told to do. Structure your answer to identify the possible solutions you looked
at, which one you chose and why, and then get into details of your role.
Come prepared to get into detail about your biggest projects.
Why you should say it: This is where the interviewer gets a sense of who
you are. If you just say you were part of a team, that tells them you haven’t
really worked on a lot of cutting-edge projects. Good interviewers are moving
away from black-and-white questions and pat, right-or-wrong answers. A lot
of their questions will be meant to gauge the complexity of your environment
and how effective you were in working with it.
Describe the biggest security breach you’ve encountered. How did you
handle it, and what would you do differently?
What you should say: Some might say they’ve never had a breach, but that
could imply you. Assuming you have experienced a breach, be sure to help
the interviewer understand what controls and measures you put in place and,
again, highlight your specific role. Don’t just say you had a problem — show
how you overcame it.
Why you should say it: Contrary to the usual advice to be a team player,
it’s important to emphasize your individual contribution. You want the
interviewer to know exactly what you bring to the table. You’re interviewing
for you, not your team.
What percentage of your responsibilities is dedicated to IT security?
What you should say: Tell the truth, but bear in mind having security as just
one of many roles could be a liability to some employers. If security is one of
five or six responsibilities you have, you won’t have knowledge that’s as
deep as someone who handles it full-time. So be sure to put it in perspective.
If you have multiple responsibilities and security is the major one, emphasize
that.
Why you should say it: People want to get to the core of how much of your
day is devoted to IT security. If it’s simply 20 percent of your role, face the
fact that this job’s probably not for you. Bottom line: Make sure you’re a
perfect fit when targeting this position.
Why do you want to work here?
What you should say: Avoid a cookie-cutter answer like “to grow my
career” or “I’m fascinated by your business.” Show that you’ve researched
the company, that you’re motivated, interested and have ideas about how
you can contribute. Prepare by following the basics: Get onto the company’s
website, look at its press releases and financials, and incorporate relevant
details into your answers.
Why you should say it: First, you want to impress the interviewers with how
much you know about the company and tie it back to how you can contribute.
That shows your interest in the job. Second, as important as it is
to demonstrate your technical skills, proving that you can fit into the
employer’s culture can be even more critical. Recruiters say successful hiring
decisions are 60 percent about technical skills and 40 percent cultural fit.
While the technical skills will get you the interview, it’s the cultural fit that
lands you the job.
Which of the applications in Check Point technology can be used to configure
security objects?
Answer:
Smart Dashboard
Question 2 – Which of the applications in Check Point technology can be used to
view who and what the administrator do to the security policy?
Answer:
SmartView Tracker
Question 3 – What are the two types of Check Point NG licenses?
Answer:
Central and Local licenses
Central licenses are the new licensing model for NG and are bound to the Smart
Center server. Local licenses are the legacy licensing model and are bound to the
enforcement module.
Question 4 – What is the main different between cpstop/cpstart and
fwstop/fwstart?
Answer:
Using cpstop and then cpstart will restart all Check Point components, including the
SVN foundation. Using fwstop and then fwstart will only restart VPN-1/FireWall-1.
Question 5 – What are the functions of CPD, FWM, and FWD processes?
Answer:
CPD – CPD is a high in the hierarchical chain and helps to execute many services,
such as Secure
Internal Communication (SIC), Licensing and status report.
FWM – The FWM process is responsible for the execution of the database activities
of the
Smart Center server. It is; therefore, responsible for Policy installation,
Management High
Availability (HA) Synchronization, saving the Policy, Database Read/Write action,
Log
Display, etc.
FWD – The FWD process is responsible for logging. It is executed in relation to
logging, Security
Servers and communication with OPSEC applications.
Question 6 – How to Install Checkpoint Firewall NGX on SecurePlatform?
Answer:
1. Insert the Checkpoint CD into the computers CD Drive.
2. You will see a Welcome to Checkpoint SecurePlatform screen. It will prompt you
to press any key. Press any key to start the installation; otherwise it will abort the
installation.
3.You will now receive a message saying that your hardware was scanned and
found suitable for installing secureplatform. Do you wish to proceed with the
installation of Checkpoint SecurePlatform.
Of the four options given, select OK, to continue.
4.You will be given a choice of these two:
SecurePlatform
SecurePlatform Pro
Select Secure platform Pro and enter ok to continue.
5.Next it will give you the option to select the keyboard type. Select your Keyboard
type (default is US) and enter OK to continue.
6.The next option is the Networking Device. It will give you the interfaces of your
machine and you can select the interface of your choice.
7.The next option is the Network Interface Configuration. Enter the IP address,
subnet mask and the default gateway.
For this tutorial, we will set this IP address as 1.1.1.1 255.255.255.0 and the
default gateway as 1.1.1.2 which will be the IP address of your upstream router or
Layer 3 device.
8.The next option is the HTTPS Server Configuration. Leave the default and enter
OK.
9.Now you will see the Confirmation screen. It will say that the next stage of the
installation process will format your hard drives. Press OK to Continue.
10.Sit back and relax as the hard disk is formatted and the files are being copied.
Once it is done with the formatting and copying of image files, it will prompt you
reboot the machine and importantly REMOVE THE INSTALLATION CD. Press Enter
to Reboot.
Note: Secure platform disables your Num Lock by overriding System BIOS settings,
so you press Num LOck to enable your Num Lock.
For the FIRST Time Login, the login name is admin and the password is also admin.
11.Start the firewall in Normal Mode.
12. Configuring Initial Login:
Enter the user name and password as admin, admin.
It will prompt you for a new password. Chose a password.
Enter new password: check$123
Enter new password again: check$123
You may choose a different user name:
Enter a user name:fwadmin
Now it will prompt you with the [cpmodule]# prompt.
13. The next step is to launch the configuration wizard. To start the configuration
wizard, type “sysconfig”.
You have to enter n for next and q for Quit. Enter n for next.
14.Configuring Host name: Press 1 to enter a host name. Press 1 again to set the
host name.
Enter host name: checkpointfw
You can either enter an ip address of leave it blank to associate an IP address with
this hostname. Leave it blank for now.
Press 2 to show host name. It now displays the name of the firewall as
checkpointfw.
Press e to get out of that section.
15.Configuring the Domain name.
Press 2 to enter the config mode for configuring the domain mode. Press 1 to set
the domain name.
Enter domain name:yourdomain.com
Example:
Enter domain name: checkpointfw.com
You can press 2 to show the domain name.
16. Configuring Domain Name Servers.
You can press 1 to add a new domain name server.
Enter IP Address of the domain name server to add: Enter your domain name
server IP Address HERE.
Press e to exit.
Network Connections.
17. Press 4 to enter the Network Connections parameter.
Enter 2 to configure a new connection.
Your Choice:
1) eth0
2) eth1
3) eth2
4) eth3
Press 2 to configure eth1. (We will configure this interface as the inside interface
with an IP address of 192.168.1.1 and a subnet mask of 255.255.255.0. The
default gateway will be configured as 1.1.1.1.)
Press 1) Change IP settings.
Enter IP address for eth1 (press c to cancel): 192.168.1.1
Enter network Mask for interface eth2 (press c to cancel): 255.255.255.0
Enter broadcast address of the interface eth2 (leave empty for default): Enter
Pres Enter to continue….
Similarly configure the eth2 interface, which will be acting as a DMZ in this case
with 10.10.10.1 255.255.255.0.
Press e to exit the configuration menu.
18.Configuring the Default Gateway Configuration.
Enter 5 which is the Routing section to enter information on the default gateway
configuration.
1.Set default gateway.
2.Show default gateway.
Press 1 to enter the default gateway configuration.
Enter default gateway IP address: 1.1.1.2
19. Choose a time and date configuration item.
Press n to configure the time zone, date and local time.
This part is self explanatory so you can do it yourself.
The next prompt is the Import Checkpoint Products Configuration. You can n for
next to skip this part as it is not needed for fresh installs.
20. Next is the license agreement. You have the option of V for evaluation product,
U for purchased product and N for next. If you enter n for next. Press n for next.
Press Y and accept the license agreement.
21.The next section would show you the product Selection and Installation option
menu.
Select Checkpoint Enterprise/Pro.
Press N to continue.
22. Select New Installation from the menu.
Press N to continue.
23. Next menu would show you the products to be installed.
Since this is a standalone installation configuration example, select
VPN Pro and
Smart center
Press N for next
24.Next menu gives you the option to select the Smart center type you would like
to install.
Select Primary Smart center.
Press n for next.
A validation screen will be seen showing the following products:
VPN-1 Pro and Primary Smart center.
Press n for next to continue.
Now the installation of VPN-1 Pro NGX R60 will start.
25. The set of menu is as follows:
Do you want to add license (y/n)
You can enter Y which is the default and enter your license information.
26. The next prompt will ask you to add an administrator. You can add an
administrator.
27.The next prompt will ask you to add a GUI Client. Enter the IP Address of the
machine from where you want to manage this firewall.
28. The final process of installation is creation of the ICA. It will prompt you for the
creation of the ICA and follow the steps. The ICA will be created. Once the random
is configured (you dont have to do anything), the ICA is initialized.
After the ICA initialized, the fingerprint is displayed. You can save this fingerprint
because this will be later used while connecting to the smart center through the
GUI. The two fingerprints should match. This is a security feature.
The next step is reboot. Reboot the firewall.
Question 7 – What are the types of NAT and how to configure it in Check Point
Firewall?
Answer:
Static Mode – manually defined