Check Point NG/AI: Next Generation with Application Intelligence Security Administration

Chapter 8: Managing Policies and Logs

Introduction

In this chapter we strive to give you some basic firewall administrator knowledge and show you how to administer the enterprise security software package VPN-1/FW-1 Next Generation with Application Intelligence (NG AI) so that it doesn t get too big for you to handle. It s very easy for several administrators to be involved in policy development and manipulation, but if you have too many people involved in a security system such as a firewall, you need to keep strict vigilance and record who is making changes when and why. Otherwise, you could end up with a misconfigured firewall, which could compromise the security it is meant to provide.

Besides monitoring administrator activities, you should also keep software up to date. You should frequently check Check Point s Web site for the latest security patches and software updates. Sometimes these updates require you to modify configuration files or to stop and start your firewall services, and we discuss how to go about performing those tasks in this chapter.

This chapter covers performance related to your security policy and logs and discusses what to do when you have multiple firewalls in various locations. It tells you about your firewall s log files and some ways to administer your logs so that you don t run into disk space issues. This chapter also equips you with several command-line options that you can use to perform maintenance or troubleshoot your firewall.

As a Check Point NG AI administrator, you have three main goals with respect to administration.