Security Policy
A Security Policy is a collection of rules and settings that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection.
The Check Point solution provides several types of Security Policies.
Access Control Policy

Access Control Policy consists of these parts:
- Access Control Rule Base
For more information, see the R80.20 Security Management Administration Guide.
In addition, see sk120964 - ATRG: Unified Policy.
Contains unified simple and granular rules to control access from specified sources to specified destinations over specified protocols.
If you enable the Identity Awareness Software Blade on your Security Groups, you can also use Access Role objects as the source and destination in a rule. This lets you easily make rules for individuals or different groups of users.
Identity Awareness (acronym: IDA) is the Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. A Software Blade is a specific security solution (module): (1) on a Security Gateway, each Software Blade inspects specific characteristics of the traffic; (2) on a Management Server, each Software Blade enables different management capabilities. A rule is a set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session.
Rule structure:
- NAT Rule Base
For more information, see the R80.20 Security Management Administration Guide.
Contains automatic and manual rules for Network Address Translation (NAT).
Rule structure:
- Desktop Rule Base
For more information, see the SmartDashboard Help (press F1). SmartDashboard is the legacy Check Point GUI client used to create and manage the security settings in versions R77.30 and lower. In versions R80.X and higher, it is still used to configure specific legacy settings.
Prerequisites:
- In the Security Gateway object, enable the IPsec VPN and the Policy Server Software Blades.
- In the Policy Package, enable the Desktop Security.
This policy is installed on the Security Management Server. Remote Access Clients download this policy when a VPN Site update is performed. Once downloaded, this policy determines access control on the Remote Access Client machines. A Security Management Server is a dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain (synonym: Single-Domain Security Management Server).
The Desktop Policy consists of two Rule Bases:
- Inbound Rules - Control connections directed at the client machine
- Outbound Rules - Control connections initiated by the client machine
Rule structure:
Threat Prevention Policy

For more information, see the R80.20 Threat Prevention Administration Guide.
Determines how the system inspects connections for bots and viruses. The primary component of the policy is the Rule Base. The rules use the Malware database and network objects. A Rule Base is all rules configured in a given Security Policy (synonym: Rulebase).
If you enable Identity Awareness Software Blade on your Security Groups, you can also use Access Role objects as the scope in a rule. This lets you easily make rules for individuals or different groups of users.
Rule structure:
HTTPS Inspection Policy

For more information, see the R80.20 Security Management Administration Guide.
Inspects the HTTP / HTTPS traffic in these Software Blades:
Security Groups cannot inspect HTTPS traffic because it is encrypted. When you enable the HTTPS Inspection feature, Security Groups create new SSL connections with the external site or server. The Security Groups are then able to decrypt and inspect HTTPS traffic that uses the new SSL connections. HTTPS Inspection is a feature on a Security Gateway that inspects traffic encrypted by the Secure Sockets Layer (SSL) protocol for malware or suspicious patterns (synonym: SSL Inspection; acronyms: HTTPSI, HTTPSi).
Rule structure:
Data Loss Prevention Policy

For more information, see the R80.20 Data Loss Prevention Administration Guide.
Prevents unintentional data leaks by catching protected data before it leaves your organization.
Rule structure:
Geo Policy

For more information, see the SmartConsole Online Help (press F1). SmartConsole is the Check Point GUI application used to manage a Check Point environment: configure Security Policies, configure devices, monitor products and events, install updates, and so on.
Rule structure:
Mobile Access Policy

For more information, see the R80.20 Mobile Access Administration Guide.
Controls which user groups have access to which applications when connecting through a Mobile Access Gateway. Mobile Access (acronym: MAB) is the Check Point Software Blade on a Security Gateway that provides Remote Access VPN access for managed and unmanaged clients.
Rule structure: