Platform: https://racks.uninets.com
Lab Name: Check Point
You can access the entire Checkpoint lab guide right here:
CCSA Lab Guide
CCSE Lab Guide
This article will provide a detailed explanation of how to set up “Initial Configuration for Check Point”
Task
Configure Security Management Server. With hostname firewall server, give IP-address 172.11.1.1/24 to management interface. Then, took GUI from management interface using default credential and did the rest of configuration
Basic understanding of the Checkpoint SMART Architecture
Configure Security Gateway with hostname firewall-Gateway, and give IP-address for management interface 172.11.2.1/24. Then, take GUI from management interface using default credential and do the rest of configuration
Configure IP- addresses for internal and external networks on firewall – firewall Gateway for internal-NW interfaces eth1 and eth2 172.11.3.1 through on CMD
Identify the operating systems versions of SM and SG, and whether it’s a SM/SG.
Explanation
The core component of checkpoint’s unified cybersecurity architecture is the checkpoint Security Management Architecture. Administrators can centrally configure, manage and monitor all security devices, including endpoints, from one console (the Smart Dashboard).
These are the components of the Checkpoint core system
Smart Console
Security Management Server
Security Gateway
Smart Console
Smart Console is made up of several clients that are used to manage the checkpoint security environment. Smart Dashboard is one of the Smart Console clients. It provides a single GUI interface that allows you to define and manage multiple elements, such as firewall security and VPNs. Monitoring and configuration
Security Management Server
Security Management Server stores security policies and distributes them to multiple security gateways. These security policies can be defined using Smart Dashboard and saved to Security Management Server. The Checkpoint database is maintained by Security Management Server. Security Gateways are notified when policies are modified or created. Security policies are constantly updated on all Security Gateways, which improves security.
Security Gateway
Security Gateway is the firewall that installs firewall software and does Stateful Inspection. Security policies can be created using Smart Dashboard and saved to Security Management Server. Inspection scripts are then generated from policies. Inspection code is then compiled from inspection code and distributed to Security Gateways, where it is installed.
Configuration
Open putty, firewall-server console access
[email protected] and username-admi
This system can only be used by authorized personnel.
Log in: admin
Password:
To configure your system, please visit the Web UI and complete the First Time Wizard.
gw-0e6046>
The default shell of CLI is called “clish” so we are now in clish mode.
We now have the hostname-server IP-address for interface eth0 172.11.1.1/24
firewall-server> show interface eth0
State on
mac-addr 50:13:00:04:00:00 gw-0e6046>
gw-0e6046> set hostname firewall-server
255.0all-server> set interface eth0 ipv4-address 172.11.1.1 subnet-mask 255.255.255.0
firewall-server> Save config
firewall-server> show interface eth0
type ethernet
link-state link up
mtu 1500
ipv4-address 172.11.1.1/24
Now, we can take GUI of SM management interface ip address with username-admin [email protected] Open any browser and type https://172.11.1.1 to put credential
Click on Login to proceed to the next page
Here we need to choose the ios installation method
Click on next to change the IP-address.
Here if you want