HPE Community
Operating System - HP-UX
1823114 Members
3234 Online
109646 Solutions
New Discussion юеВ

CheckPoint Firewall1

 
Miguel A. Aliaga
Occasional Advisor

тАО04-20-2001 01:03 AM

тАО04-20-2001 01:03 AM

CheckPoint Firewall1

I am going to mount CheckPoint Firewall1 but I don`t know if will do it in HP-UX 11 or in NT/2000.
Any problem about HP-UX ???
Any recomendation/suggestion ???


Thanks.
0 Kudos
Reply
5 REPLIES 5
Steven Sim Kok Leong
Honored Contributor

тАО04-20-2001 02:59 AM

тАО04-20-2001 02:59 AM

Re: CheckPoint Firewall1

Hi,

I do not recall Checkpoint FW-1 having a release that runs on top of HP-UX. I do know that HP-UX runs the Raptor firewall. I read that HP-UX 11i comes built-in with host-based IDS (Intrusion Detection System).

I hope I understand your question correctly. In my opinion, forget NT/2000. Checkpoint FW-1 runs best on Solaris.

Comparing the number of alerts from SANS Security Alert Consensus, I would not run a firewall on the weaker OS when it comes to security vulnerabilities.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
Miguel A. Aliaga
Occasional Advisor

тАО04-20-2001 03:23 AM

тАО04-20-2001 03:23 AM

Re: CheckPoint Firewall1

Hi Steven,

Checkpoint FW1 runs on HPUX 11.x

I know that Solaris is the best choice for this case ( FW1 ), but my only option is to install it on HPUX or NT/2000. I think HPUX it most secure than NT/2000 but I would like to hear about experiences in both cases.


Thanks.

0 Kudos
Reply
Marc Dijkstra
Trusted Contributor

тАО04-20-2001 03:37 AM

тАО04-20-2001 03:37 AM

Re: CheckPoint Firewall1

I have a checkpoint Firewall-1 running on HP-UX 11.x in front of a VVOS. I trust the system as far as I can, would certainly not try a Windoooze system to do the job, just too many holes in that lovely OS for comfort.

As stated earlier, there is a Raptor, which I personally prefer being a Proxy based FW whereas a FW-1 is a stateful inspection packet filter.. HP WERE using Raptor as the e-firewall in the Praesidium suite, not sure what they are using now, I do know it is Proxy based however, check out www.hp.com/go/security

MND
"A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila"
0 Kudos
Reply
Trent Cameron
Occasional Contributor

тАО04-20-2001 03:46 AM

тАО04-20-2001 03:46 AM

Re: CheckPoint Firewall1

Hi,

One of the main things to look out for when installing HPUX is to make sure your using a 32-BIT version of the OS. I tried 11i (64-Bit) and Firewall-1 would not work.

Hopefully this can save you some of the trouble I ran into.
Trent Rules!
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

тАО04-20-2001 05:55 AM

тАО04-20-2001 05:55 AM

Re: CheckPoint Firewall1

We originally had FW1 running on an NT server and it crashed with great regularity; since moving to HP-UX we had had no problems whatsoever. The only downside is that if you need a content vectoring server, it can't be on HP-UX (Checkpoint had not ported the toolkit the last time I checked). The CVP server can be on another box and invoked from FW1 running HP-UX.
If it ain't broke, I can fix that.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.