User Manual Part 2
Table Of Contents
- Using SmartDefense
- Using Antivirus and Antispam Filtering
- Overview
- Using VStream Antivirus
- Using VStream Antispam
- How VStream Antispam Works
- Header Marking
- Default Antispam Policy
- Enabling/Disabling VStream Antispam
- Viewing VStream Antispam Statistics
- Configuring the Content Based Antispam Engine
- Configuring the Block List Engine
- Configuring the IP Reputation Engine
- Configuring the VStream Antispam Policy
- Configuring the Safe Sender List
- Configuring VStream Antispam Advanced Settings
- Using Centralized Email Filtering
- Using Web Content Filtering
- Updating the Firmware
- Using Subscription Services
- Working With VPNs
- Overview
- Setting Up Your Safe@Office Appliance as a VPN Server
- Adding and Editing VPN Sites
- Viewing and Deleting VPN Sites
- Enabling/Disabling a VPN Site
- Logging in to a Remote Access VPN Site
- Logging Out of a Remote Access VPN Site
- Using Certificates
- Viewing VPN Tunnels
- Viewing IKE Traces for VPN Connections
- Viewing VPN Topology
- Managing Users
- Using Remote Desktop
- Controlling the Appliance via the Command Line
- Maintenance
- Viewing Firmware Status
- Upgrading Your Software Product
- Configuring a Gateway Hostname
- Configuring Syslog Logging
- Configuring HTTPS
- Configuring SNMP
- Setting the Time on the Appliance
- Using Diagnostic Tools
- Backing Up and Restoring the Safe@Office Appliance Configuration
- Using Rapid Deployment
- Resetting the Safe@Office Appliance to Defaults
- Running Diagnostics
- Rebooting the Safe@Office Appliance
- Using Network Printers
- Troubleshooting
- Specifications
- Glossary of Terms
- Index
Using Diagnostic Tools
706 Check Point Safe@Office User Guide
Using Packet Sniffer
The Safe@Office appliance includes the Packet Sniffer tool, which enables you to capture
packets from any internal network or Safe@Office port. This is useful for troubleshooting
network problems and for collecting data about network behavior.
If desired, you can configure Packet Sniffer to capture each packet twice: once before
firewall processing and once after firewall processing. This allows you to observe exactly
what the Safe@Office firewall does to your packets.
The Safe@Office appliance saves the captured packets to a file on your computer. You can
use a free protocol analyzer, such as Ethereal or Wireshark, to analyze the file, or you can
send it to technical support. Wireshark runs on all popular computing platforms and can be
downloaded from http://www.wireshark.org. Ethereal can be downloaded from
http://www.ethereal.com.
Note: If you enabled the Packet Sniffer's Firewall Monitor option, and you would like to
view the results in Ethereal/Wireshark, you must do the following: open the capture
file, click Edit > Preferences, in the left pane click Protocols > Ethernet, and select the
Attempt to interpret as Firewall-1 monitor file check box. The capture file will display the
interface name on which the packet was captured, and the packet’s processing
direction will be indicated by i (input) or o (output).
To use Packet Sniffer
1. Click Setup in the main menu, and click the Tools tab.
The Tools page appears.
2. Click Sniffer.