User Manual Part 1
Table Of Contents
- Check Point Safe@Office User Guide 8.0
- Copyright & Trademarks
- Contents
- About This Guide
- Introduction
- About Your Check Point Safe@Office Appliance
- Safe@Office 500 Product Family
- Product Features
- Wireless Features
- Optional Security Services
- Software Requirements
- Getting to Know Your Safe@Office 500 Appliance
- Getting to Know Your Safe@Office 500W Appliance
- Getting to Know Your Safe@Office 500 ADSL Appliance
- Getting to Know Your Safe@Office 500W ADSL Appliance
- Contacting Technical Support
- Safe@Office Security
- Installing and Setting Up Safe@Office
- Getting Started
- Configuring the Internet Connection
- Managing Your Network
- Using Bridges
- Configuring High Availability
- Using Traffic Shaper
- Working with Wireless Networks
- Viewing Reports
- Viewing Logs
- Setting Your Security Policy
Default Security Policy
Chapter 13: Setting Your Security Policy 353
Default Security Policy
The Safe@Office default security policy includes the following rules:
• Access is blocked from the WAN (Internet) to all internal networks (LAN,
DMZ, primary WLAN, VLANs, VAPs, and OfficeMode).
• Access is allowed from the internal networks to the WAN, according to the
firewall security level (Low/Medium/High).
• Access is allowed from the LAN network to the other internal networks (DMZ,
primary WLAN, VLANs, VAPs, and OfficeMode).
• Access is blocked from the DMZ, primary WLAN, VLAN, VAP, and
OfficeMode networks to the other internal networks, (including between
different VLANs and VAPs).
• HTTPS access to the Safe@Office Portal (my.firewall, my.hotspot, and my.vpn)
is allowed from all internal networks.
• HTTP access to the Safe@Office Portal (my.firewall, my.hotspot, and my.vpn)
is allowed from all internal networks except the WLAN and VAPs. You can
allow HTTP access from the primary WLAN and VAPs by creating a specific
user-defined firewall rule.
• When using the print server function (see Using Network Printers on page 733),
access fro
m
internal networks to connected network printers is allowed.
• Access from the WAN to network printers is blocked.
These rules are independent of the firewall security level.
You can easily override the default security policy, by creating user-defined firewall rules.
For further information, see Using Rules on page 360.