Check Point NG/AI: Next Generation with Application Intelligence Security Administration

Chapter 4: Creating a Security Policy

Introduction

This chapter discusses how to define a security policy, which needs to be done early on in order to find the right solution for your specific environment. Once you determine how you want to enforce security in your company, you will know whether you need to set up user authentication or whether you should use your existing Lightweight Directory Access Protocol (LDAP) server. Once you have created a security policy for your company and have planned to introduce security into your network, choosing your implementation strategy should be fairly straightforward.

Next is a discussion on how to implement your security policy into the Check Point SmartDashboard. If you are using private Internet Protocol (IP) addresses inside your firewall, you may need to read the chapter on network address translation (NAT) before you can put your firewall completely in place. This chapter shows how to get your firewall ready to enforce your policy and begin passing packets in your network.

You are then walked through the setup of a firewall object, and the step-by-step procedure for adding the services outlined in your Information Security Policy into the Check Point SmartDashboard interface. This chapter then discusses some additional ways in which to manipulate your rules as well as how to install your policy so that it is enforced.

Reasons for a Security Policy

You are probably deploying Check Point Next Generation (NG) with Application Intelligence (AI) to protect something. Do you know what you are protecting, what you are protecting it...