Configuring Check Point NGX VPN-1/FireWall-1

The emergence of the Internet has led a growing number of companies to use it as a backbone to connect remote offices, partners, and remote clients. The Internet is a public network, in that no single entity owns it. When you send data through the Internet, you have no way of knowing who owns the devices that the traffic passes through, or who may be able to view that data. Because of this, virtual private networks (VPNs) were developed. A VPN provides a means of encrypting your data such that only other authorized systems can decrypt it. As a result, VPNs allow you to maintain the confidentiality and integrity of your data across an inherently insecure medium.
This chapter focuses on configuring site-to-site VPNs and the design considerations involved. Refer to Chapter 12 for more information on remote clients and remote client VPNs. Many new features are discussed and demonstrated in this chapter so that you can easily set up a VPN between two Check Points, or between a Check Point and another vendor's device, such as a Cisco PIX firewall. We will start by explaining some key VPN-related concepts, and then explain and demonstrate the different methods for setting up a Check Point VPN and configuring your rulebase to complete your VPN solution. We will also explain troubleshooting steps you can take when working with VPNs.
Encryption is the process of turning something that is normally readable (plaintext)...