Nope. NAT worked like a dream - both hide and static NATs actually. The automatic ARP works exactly as it is supposed to. No static routes on routers or the firewall, no antispoofing changes, just a single step.
I was quite impressed given the other problems I have had. > Did you have to do any sacrificial rituals to get NAT going? > > -----Original Message----- > From: Damien Hart [mailto:damien.hart@;CANBERRATIMES.COM.AU] > Sent: 30 October 2002 23:08 > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Secureplatform - licensing and security > > > yep. it has been in production for over 48 hours now and it has been > faultless - so far :-) > > > > Do yo uhave FP3 SP going ok? > > > > -----Original Message----- > > From: Damien Hart [mailto:damien.hart@;CANBERRATIMES.COM.AU] > > Sent: 30 October 2002 22:02 > > To: [EMAIL PROTECTED] > > Subject: Re: [FW-1] Secureplatform - licensing and security > > > > > > IMHO I think you would be hard put to find something else to harden on > > > SecurePlatform, it seems to be very good straight off the CD and takes > > > only a couple of minutes to install. There are a couple of things it > > is lacking because it is so hardened but in the "expert" mode you have > > > a root shell that gives you access to everything that they have left > > and you can also install other RPMs (I suggest to start with a cron > > daemon). You can write your own Linux scripts and you have SSH remote > > shell access to it as well. I have mine configured to do automatic > > backups to another machine and automatic log exports which are tweaked > > > using awk and sed etc before they leave the box - very handy... > > > > I would definately choose it over Windows simply because it is Linux > > (don't bother flaming me for that one Windows lovers :-p ) and > > although I have had my fair share of fun and games getting it > > operational (including two complete rebuilds of the objects and > > rulebase) it has proven to be quite stable in production. > > > > For those not completely competent with Linux security it will put > > your mind at rest to know the hardening has been done by the people > > who > > *should* know what to harden :-) > > > > thats my 2 cents worth anyway > > > > Damo > > > > P.S. Existing licenses can be used on any platform afaik, including > > SecurePlatform, but you will save yourself a Windows server OS. > > > > > > > Hello all, > > > > > > After reading the mailing list for awhile and seeing as how many of > > > you > > are > > > using secureplatform I was wondering how I might be able to get it > > > as > > well. > > > What are the licensing issues behind it? I checked on CheckPoint's > > > price list > > > (https://pricelist.checkpoint.com/sections/Enterprise.asp) > > > and didn't find it listed. Can you run it with just a FW-1 license? > > > > > > Also, is secureplatform secure enough to cut down the time it takes > > > to > > > > > harden an OS like Windows 2000? What I mean is, am I going to be > > > spending time customizing and hardening the system, or does it just > > > work off the install, defaults and all? > > > > > > In general, what do you think about the secureplatform? > > > > > > Thanks for your help. > > > > > > ...................... > > > Ian Neubert > > > Director of IS > > > TWAcomm.com, Inc. > > > http://www.TWAcomm.com/ > > > > > > ================================================= > > > To set vacation, Out Of Office, or away messages, > > > send an email to [EMAIL PROTECTED] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > ================================================= > > > To unsubscribe from this mailing list, > > > please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > ================================================= > > > If you have any questions on how to change your subscription > > > options, email [EMAIL PROTECTED] > > > ================================================= > > > > > > > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ============================================= > > > > This email has been content filtered and > > subject to spam filtering. If you consider > > this email is unsolicited please forward > > the email to [EMAIL PROTECTED] and > > request that the sender's domain be > > blocked from sending any further emails. > > > > ============================================= > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ============================================= > > This email has been content filtered and > subject to spam filtering. If you consider > this email is unsolicited please forward > the email to [EMAIL PROTECTED] and > request that the sender's domain be > blocked from sending any further emails. > > ============================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
