> Hi > > Has anyone converted a Netscreen firewall policy to Checkpoint R65/R70, can > this be done? > i have taken a look at fw1 rules and confwiz but they do not do this, object > dumper not so sure does this, has anyone managed to covert a NS policy to > Checkpoint and if so what tool was used? > > Many Thanks
Hi, As far as I know, there is no automatic conversion tool. you can use some tools like odumper to get at least the objects, then add those to the screenos with regular set commands. Then it depends how complex is your ruleset on the netscreen device (forget about nat per policy or vpn per policy on checkpoint). It's perhaps a good point to check what is still in use in your rulebase, and reorder a little bit. Don't create sections with the zones from the netscreen, it won't make sense. Last question : why do you plan to migrate to a checkpoint from a netscreen ? Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
