Are you getting this question from an auditor, like we are as well? If so, the standard low tech audit script usually asks for documentation that the user login credentials are encrypted (meaning between the GUI client and the SmartCenter server in this case). It's the same question they would ask about logging into anything else, from a web site with confidential information, to your desktop login from your PC, and the auditor rarely understands even what the difference is between any of the above.
Unfortunately, I've not found any Checkpoint documentation that explicitly says "login credentials" or "password" when talking about how the connection is encrypted. Your passwords *are* encrypted (you can prove it to a technical person with a sniffer trace), but I always seem to have problems convincing the auditor that the doc about encrypted communications applies to the login as well, because they aren't really sure what they should accept as documentation for each question. They basically just want documentation to exactly match the phrase they were looking to find from the question, or they flag it as not properly documented for the audit. If you're running into the same situation, let me know if you find something I've missed in the documentation searches I've done, because I've not seen the exact words they were looking for. Bruce -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of a bv Sent: Thursday, May 13, 2010 04:28 To: [email protected] Subject: [FW-1] Need knowledge and documentaion about CPMI Hi list, I need information and documentaion proof about CPMI and how secure is it? Is it encryted etc.. Regards Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= *************************************************************************** The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system. Thank You. **************************************************************************** Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
