Introduction

Once you have the VPN-1/FireWall-1 software installed and configured, then you are ready to log into the graphical user interface and start composing your objects and rule bases. In this chapter I will walk you through all the options you have for creating various objects and show you some of the nice features that you can utilize in the policy editor to manipulate your rules.

I will show you how to access the firewall's implied rules, and explain the global properties that affect every security policy you create. It's important to know why your firewall is allowing pings, if you have not explicitly defined them in your rule base.

After paying a lot of attention to your policy options, I will then show you how to access your firewall logs and system status. The Track options you choose in your policy will affect the outcome of your logs. You may choose to log some rules and not others. I will also describe ways to make certain selections in your Log Viewer so that you can view only logs for a specific source IP address, or logs for a specific user. The Check Point Log Viewer has a really high quality interface, and is easy to understand.

Managing Objects

Managing objects is probably the thing you'll be doing most often as a firewall administrator. Luckily for you, Check Point has made this task much easier than you might think. While there is still a lot of information needed to set...