1. What is Check Point Firewall?
Answer:
Check Point Firewall is a network security solution that provides advanced threat prevention and access control capabilities. It operates as a Stateful Packet Inspection firewall and offers features such as VPN, intrusion prevention, application control, URL filtering, and more.
2. What are the key components of Check Point architecture?
Answer:
The main components are:
Security Management Server (SMS): Manages policies, logs, and configurations.
Security Gateway: Enforces security policies and inspects traffic.
SmartConsole: A GUI client to manage Check Point products.
Database: Stores policies and logs.
3. What is Stateful Inspection?
Answer:
Stateful Inspection is a technology used by Check Point to monitor the state of active connections. It tracks connection details like source/destination IPs, ports, and sequence numbers, ensuring only valid packets pass through the firewall.
4. What is Check Point’s three-tier architecture?
Answer:
Security Management Layer: Manages policies and configurations.
Security Gateway Layer: Enforces policies and inspects traffic.
SmartConsole Layer: Provides administrators a user interface to interact with the firewall.
5. What is a Security Policy?
Answer:
A Security Policy is a set of rules that defines how traffic is controlled through the firewall. It includes:
Source/Destination: IP addresses or networks.
Service: Protocol or port.
Action: Allow, deny, or drop.
6. What is the difference between implicit and explicit rules in Check Point?
Answer:
Implicit Rules: Default rules automatically applied by Check Point, such as dropping traffic that doesn’t match any rule.
Explicit Rules: User-defined rules configured in the policy.
7. What is NAT in Check Point?
Answer:
Network Address Translation (NAT) in Check Point maps private IP addresses to public IP addresses or vice versa. Check Point supports:
Static NAT: One-to-one mapping.
Hide NAT: Many-to-one mapping (used for outbound traffic).
8. What is the purpose of a SmartDashboard?
Answer:
SmartDashboard is a tool in the SmartConsole suite used to manage and configure firewall policies, NAT rules, VPNs, and other security features.
9. How does Check Point handle high availability?
Answer:
Check Point supports high availability through ClusterXL:
Active/Active: Both nodes share traffic load.
Active/Passive: One node is active while the other is on standby.
10. What is the difference between Stealth Rule and Cleanup Rule?
Answer:
Stealth Rule: Prevents direct access to the firewall itself by denying traffic to its management IP.
Cleanup Rule: Logs and drops all traffic that does not match any explicit rule in the policy.