User guide

The Safe@Office Firewall Security Policy
Check Point Safe@Office User Guide
Security Policy Implementation
The key to implementing a network security policy is to understand that a firewall is
simply a technical tool that reflects and enforces a network security policy for accessing
network resources.
A rule base is an ordered set of individual network security rules, against which each
attempted connection is checked. Each rule specifies the source, destination, service, and
action to be taken for each connection. A rule also specifies how a communication is
tracked, logged, and displayed. In other words, the rule base is the implementation of the
security policy.
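
The following sketch is an added example, not code from the Safe@Office product or this guide. It models a rule base as an ordered list and flags rules that can never take effect because an earlier rule already covers them. It assumes first-match evaluation and a default block when no rule matches; the rule names, addresses, and the "allow"/"block" and "log"/"none" values are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = "any"

@dataclass(frozen=True)
class Rule:
    name: str
    src: str             # source network, CIDR
    dst: str             # destination network, CIDR
    service: str         # e.g. "tcp/443", or ANY
    action: str          # "allow" or "block" (constructed labels)
    track: str = "none"  # "log" or "none" (constructed labels)

def matches(rule, src_ip, dst_ip, service):
    return (ip_address(src_ip) in ip_network(rule.src)
            and ip_address(dst_ip) in ip_network(rule.dst)
            and rule.service in (ANY, service))

def evaluate(rule_base, src_ip, dst_ip, service):
    """Assumed semantics: the first matching rule decides; otherwise block."""
    for rule in rule_base:
        if matches(rule, src_ip, dst_ip, service):
            return rule
    return Rule("implicit-default", "0.0.0.0/0", "0.0.0.0/0", ANY, "block", "log")

def covers(earlier, later):
    """True if every connection matching `later` also matches `earlier`."""
    return (ip_network(later.src).subnet_of(ip_network(earlier.src))
            and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
            and earlier.service in (ANY, later.service))

def shadowed(rule_base):
    """(shadowed rule, covering rule) pairs: the later rule can never match."""
    return [(later.name, earlier.name)
            for i, later in enumerate(rule_base)
            for earlier in rule_base[:i] if covers(earlier, later)]

# Constructed sample rule base; order is significant.
RULE_BASE = [
    Rule("lan-web-out", "192.168.10.0/24", "0.0.0.0/0", "tcp/443", "allow"),
    Rule("block-guest-to-lan", "192.168.20.0/24", "192.168.10.0/24", ANY, "block", "log"),
    Rule("guest-any-out", "192.168.20.0/24", "0.0.0.0/0", ANY, "allow"),
    Rule("guest-no-smtp", "192.168.20.0/24", "0.0.0.0/0", "tcp/25", "block", "log"),
]
```

In this sample, guest-no-smtp sits below the broader guest-any-out rule, so outbound SMTP from the guest network is allowed and never logged; moving the block rule above the allow rule restores the intended policy.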
Security Policy Enforcement
The Safe@Office appliance uses the unique, patented INSPECT engine to enforce the
configured security policy and to control traffic between networks. The INSPECT engine
examines all communication layers and extracts only the relevant data, enabling highly
efficient operation, support for a large number of protocols and applications, and easy
extensibility to new applications and services.
Planning the Safe@Office Firewall Security Policy
Before creating a security policy for your system, answer the following questions:
- Which services, including customized services and sessions, are allowed across the network?
- Which user permissions and authentication schemes are needed?
- Which objects are in the network? Examples include gateways, hosts, networks, routers, and domains.
- Which network objects can connect to others, and should the connections be encrypted?
- What should be the event logging policy?
- Which Quality of Service (QoS) classes will you need?