Manualshelf

Technical data

ManualsBrandsCheck Point Software Technologies ManualsNetworkingVSX-1 11060
61626364656667686970
Configuring VSX
Check Point VSX Administration Guide NGX R67 | 63
6. Close the window and save the definition.
7. Add a rule to the Rule Base that allows traffic for the specified multicast groups and install the policy.
Modifying an Interface Definition
This sections presents procedures for modifying existing interface definitions and related features.
Selecting and Opening an Existing Interface
Interfaces definitions are always associated with a Virtual Gateway or a Virtual System definition. To work
with an existing interface definition:
1. Double click the desired interface in the Interfaces section.
2. In the Interface Properties window, define the interface properties ("Adding a New Interface" on page
60).
Deleting an Interface
To delete an interface, click Remove on the object Topology page.
Working with Authentication
Supported Authentication Schemes
Authentication schemes employ user names and passwords to identify valid users. Some schemes are
maintained locally, storing user names and passwords on the VSX gateway, while others store
authentication information on an external authentication server. Some schemes, such as SecurID, are
based on providing a one-time password.
All of the schemes can be used with users defined on an LDAP server. For additional information on
configuring a Security Gateway to integrate with an LDAP server, refer to the SmartDirectory (LDAP) and
User Management section in the R75 Security Management Administration Guide
(http://supportcontent.checkpoint.com/documentation_download?ID=11667).
Check Point Password
VSX stores a static password for each user in the management server database. No more software is
required.
Operating System Password
VSX can authenticate users by means of a user name and password defined on the management server
operating system. You can also use passwords stored in a Windows domain. No additional software is
required.
Radius
Remote Authentication Dial In User Service (RADIUS) is an external, server-based authentication protocol
that provides authentication services using the UDP protocol.
TACACS, TACACS+
Terminal Access Controller Access Control System (TACACS) is an external, server-based authentication
protocol that provides verification services using the TCP protocol. TACACS+ is an enhanced version of the
TACACS that supports additional types or authentication requests and response codes.