User Manual Part 2
Table Of Contents
- Using SmartDefense
- Using Antivirus and Antispam Filtering
- Overview
- Using VStream Antivirus
- Using VStream Antispam
- How VStream Antispam Works
- Header Marking
- Default Antispam Policy
- Enabling/Disabling VStream Antispam
- Viewing VStream Antispam Statistics
- Configuring the Content Based Antispam Engine
- Configuring the Block List Engine
- Configuring the IP Reputation Engine
- Configuring the VStream Antispam Policy
- Configuring the Safe Sender List
- Configuring VStream Antispam Advanced Settings
- Using Centralized Email Filtering
- Using Web Content Filtering
- Updating the Firmware
- Using Subscription Services
- Working With VPNs
- Overview
- Setting Up Your Safe@Office Appliance as a VPN Server
- Adding and Editing VPN Sites
- Viewing and Deleting VPN Sites
- Enabling/Disabling a VPN Site
- Logging in to a Remote Access VPN Site
- Logging Out of a Remote Access VPN Site
- Using Certificates
- Viewing VPN Tunnels
- Viewing IKE Traces for VPN Connections
- Viewing VPN Topology
- Managing Users
- Using Remote Desktop
- Controlling the Appliance via the Command Line
- Maintenance
- Viewing Firmware Status
- Upgrading Your Software Product
- Configuring a Gateway Hostname
- Configuring Syslog Logging
- Configuring HTTPS
- Configuring SNMP
- Setting the Time on the Appliance
- Using Diagnostic Tools
- Backing Up and Restoring the Safe@Office Appliance Configuration
- Using Rapid Deployment
- Resetting the Safe@Office Appliance to Defaults
- Running Diagnostics
- Rebooting the Safe@Office Appliance
- Using Network Printers
- Troubleshooting
- Specifications
- Glossary of Terms
- Index
Overview
566 Check Point Safe@Office User Guide
To create a Remote Access VPN with two VPN sites
1. On the remote user VPN site's Safe@Office appliance, add the office Remote
Access VPN Server as a Remote Access VPN site.
See Adding and Editing VPN Sites on page 581.
The remo
te user's Safe@Office appliance will act as a Remote Access VPN Client.
2. On the office VPN site's Safe@Office appliance, enable a Remote Access
VPN Server.
See Setting Up Your Safe@Office Appliance as a VPN Server on page 567.
Internal VPN Server
You can use your Safe@Office appliance as an internal VPN Server, for enhanced wired
and wireless security. When an internal VPN Server is enabled, internal network PCs and
PDAs with the appropriate software installed can establish a Remote Access VPN session
to the gateway. This means that connections from internal network users to the gateway
can be encrypted and authenticated.
The benefits of using an internal VPN Server are two-fold:
• Accessibility
Using SecuRemote/SecureClient or L2TP, you can enjoy a secure connection from
anywhere—in your wireless network or on the road—without changing any settings.
The standard is completely transparent and allows you to access company resources
the same way, whether you are sitting at your desk or anywhere else.
• Security
Many of today's attacks are increasingly introduced from inside the network. Internal
security threats cause outages, downtime, and lost revenue. Wired networks that deal
with highly sensitive information—especially networks in public places, such as
classrooms—are vulnerable to users trying to hack the internal network.
Using an internal VPN Server, along with a strict security policy for non-VPN users,
can enhance security both for wired networks and for wireless networks, which are
particularly vulnerable to security breaches.
For information on setting up your Safe@Office appliance as an internal VPN Server, see
Configuring the Internal VPN Server on page 571.