Tomi Kononow wrote: > > Dear Sirs, > > StoneBeat product development including OPSEC certification process is > focused to StoneBeat FullCluster > product line for which OPSEC recertification and documentation updates are > done for every service pack release. > Even though the main development and certifications happen on StoneBeat > FullCluster, > StoneBeat HA is actively maintained and is fully supported with the latest > Check Point NG versions by Stonesoft.
Great. My VAR was double-checking on that. > Regarding to the problem with anti-spoofing; usually there are a limited > number > of hosts and networks that needs to communicate with control interface in > offline state. In > most cases these networks/ objects can be easily set using group objects > and the "Specific" > definition in anti-spoofing view. That's what I tried to do, but it did not work. The only host the offline firewall needs to communicate with is the management station. If I put the management station in the "Specific" box, everything works fine for that firewall when it is offline. However, once it is online, it can no longer talk to the management station since the communications would go over the "external" interface, and FW-1 thinks that is spoofed. You cannot define the management server as being "Specific" to both interfaces since naming specific networks and hosts is not an available option for external interfaces. -- Crist J. Clark [EMAIL PROTECTED] Globalstar Communications (408) 933-4387 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact [EMAIL PROTECTED] ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
