Check Point VPN-1

FireWall-1/VPN-1 is a commercial firewall software of the Israeli software company Check Point. Is an SPI firewall. The SPI Technology has the advantage that, are automatically allowed, for example, with a single firewall rule both the outgoing traffic of a connection, as well as the response packets from the target system, which belong to this connection. SPI evaluates it from the set in the packets TCP flags and can, for example, packets with set " SYN ACK" TCP flags only happen if this TCP session before packets with the " SYN " flag ( connection, 3-Way Handshake) of the Firewall were seen. Now work almost all firewalls according to the " SPI " principle. Optionally, the current through the firewall data streams are newer versions also controlled at the application level to detect, for example, known attack patterns and possibly block (Intrusion Prevention ), which goes far beyond the original functionality of a firewall ( packet filter ).

The Checkpoint firewall solution is often used in a professional environment based on the following main criteria:

  • High basic stability and reliability
  • Very clear presentation of firewall rules
  • Highly granular manipulation of the treatment protocol specific packets
  • Detailed and clear logging of all connections including revisions
  • Centralized management of multiple firewalls from a central " SmartCenter Server"
  • A variety of options in the choice of hardware on which the Check Point software is operated

FireWall -1 was in the mid 1990s, the first commercial solution that sat on the SPI technology. By the year 2002 was the, now added to VPN functionality and Firewall-1/VPN-1 renamed software market leader in the professional firewall environment. Depending on the economic perspective, it is this function today.

Operating Systems

The FireWall-1/VPN-1 software can be installed on different operating systems. This differs significantly from the product 's two largest competitors in the professional environment, Cisco and Juniper Netscreen Pix.

In versions NGX R61- R65 FireWall-1/VPN-1 supports the following operating systems:

  • Solaris version 8,9,10
  • Windows 2000/2003 Server
  • Red Hat Enterprise Linux version 3.0
  • Check Point SecurePlatform ( a Check Point specially hardened Red Hat Linux, SPLAT )
  • Nokia IPSO

In older versions, among other things, the operating systems HP -UX and AIX supported by IBM.

Versions

The scheme of version and revision number, and hence the product name was changed several times in the past:

  • Firewall-1: Version 1.0 ( April 1994) to version 4.1 (2000)
  • Firewall-1/VPN-1 Next Generation: NG (June 2001) on NG FP1 (November 2001 ) to NG FP3 ( August 2002)
  • Firewall-1/VPN-1 Next Generation with Application Intelligence: NG AI R54 (June 2003)
  • NG AI R55 (November 2003)
  • NGX R60 ( August 2005)
  • NGX R61 ( March 2006)
  • NGX R62 (November 2006)
  • NGX R65 (March 2007)
  • NGX R70 (March 2009)
  • NGX R71 (April 2010)
  • NGX R75 (December 2010)
Cisco Systems Juniper Networks IBM AIX
335488
de