Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Checkpoint SecureClient as a personal firewall

from [Andy Barrett] Network Security [Permanent Link]
Subject: RE: Checkpoint SecureClient as a personal firewall
Date: Wed, 27 Jul 2005 16:17:07 +0100 
Checkpoint SecureClient as a personal firewallAlternatively, Integrity
Secure Client from Check Point would be a better option.  This uses all the
good stuff from SC and adds the extra features from Integrity (Zone Labs
product - Zone labs are a Check Point company).  ISC v6.0 also has an
advisory option which applies best practices to your corporate policy and
pre-emptively blocks known and unknown malware automatically.  Go to
http://www.checkpoint.com/products/integrity_sc/index.html for further
details.
  -----Original Message-----
  From: Lachniet, Mark [mailto:mlachniet@sequoianet.com]
  Sent: 27 July 2005 15:45
  To: Haseeb Chaudhary; firewalls@securityfocus.com
  Subject: RE: Checkpoint SecureClient as a personal firewall


  It works okay, but you have to remember that it doesn't have as many
features as a "real" personal firewall. Namely, the ACL's are all configured
using the SmartClients and pushed via the policy server.  It does not
maintain (as far as I know) any kind of hash database of "allowed
executables".  In other words, it doesn't give you a popup when malware.exe
tries to establish an outgoing connection, which is IMO one of the most
useful features of a personal firewall.

  Also, if you push a bad policy to the client, you can make problems for
yourself - for example pushing a policy that blocks access to your policy
server might not be fun.

  Mark Lachniet


----------------------------------------------------------------------------
--
  From: Haseeb Chaudhary [mailto:haseeb.chaudhary@FXALL.com]
  Sent: Tue 7/26/2005 4:37 AM
  To: firewalls@securityfocus.com
  Subject: Checkpoint SecureClient as a personal firewall


  Hi,

  I would just like to mention we're looking at deploying SecureClient VPN
client as a personal firewall - main reason being we can easily push/change
poilicies on the laptop firewall (connecting to Checkpoint VPN server). The
requirement is to provide protection to sales employees who connect to
'other' networks whilst doing client presentations.

  If anyoneone has any experience of using SecureClient as a personal
firewall in a corporate environment I would greatly apprecitae feedback.

  thanks inadvance, Haseeb



- - - 
Unipalm e-Business
Aruba | Appsense | Citrix | FaceTime | Ipswitch | Radware | ThinPrint | 
WebTrends | Zultys

Unipalm e-Security
ActivCard | Blue Coat | Check Point | Clearswift | Crossbeam | Fortinet
GuardedNet | Internet Security Systems | nCipher | NetIQ | Nokia | PolicyMatter
SafeNet | Symantec | Trend Micro | Tripwire | Websense

Unipalm Professional Services
Support | Consultancy | Training | Security Testing
N-Able | SafeAnet | TraceSecurity | Uni-Finance 
- - -
CONFIDENTIALITY AND DISCLAIMER NOTICE

This e-mail is intended only for the addressee named above and the contents 
should not be disclosed to any other person nor copies taken. Any views or 
opinions presented are solely those of the sender and do not necessarily 
represent those of ComputerLinks (UK) Ltd. (trading as Unipalm) unless 
otherwise specifically stated. As Internet communications are not secure we 
do not accept legal responsibility for the contents of this message nor 
responsibility for any change made to this message after it was sent by the
original sender. We advise you to carry out your own virus check before 
opening any attachment as we cannot accept liability for any damage 
sustained as a result of any software viruses.

- - -
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  PIX DMZ INT - SNMP MONITORING, Jonathan Upperman
Next by Date:  RE: Checkpoint SecureClient as a personal firewall, Wayne Ho
Previous by Thread:  RE: Checkpoint SecureClient as a personal firewall, Lachniet, Mark
Next by Thread:  RE: Checkpoint SecureClient as a personal firewall, Wayne Ho
Indexes:  [Date] [Thread] [Top] [All Lists]