Trusted Zone
The Trusted Zone contains network objects that are trusted. Configure the Trusted Zone to include only those network objects with which your programs must interact.
Note - Objects not placed in the Trusted Zone are placed automatically in the Internet Zone.
SmartEndpoint (a Check Point GUI application that connects to the Endpoint Security Management Server to deploy, monitor and configure Endpoint Security clients and policies) contains an initial Access Zones policy. In the initial policy, these network elements are included in the Trusted Zone:
- All_Internet
  This object represents all legal IP addresses. In the initial policy, all IP addresses on the Internet are trusted. However, the Access Zones policy is not enforced by itself, only as a component of the Firewall policy.
- LocalMachine_Loopback
  The Endpoint computer's loopback address: 127.0.0.1. The Endpoint must always have access to its own loopback address.
Note - Endpoint users must not run software that changes or hides the local loopback address, for example personal proxies that enable anonymous internet surfing.
Objects in the Trusted Zone
Think about adding these objects to your Trusted Zone:
- Remote host computers accessed by your programs (if not included in the subnet definitions for the corporate network)
- Corporate WANs accessed by your programs
- Domain name servers
- Mail servers
- Domain controllers
- File servers
- Print servers
- VPN Security Gateway address range (a Security Gateway is a dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources)
- Internet gateways
- Local subnets
- Security servers (for example, RADIUS, TACACS, or ACE servers)
- Other IP addresses or IP ranges to which access is allowed or denied
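A way to review a proposed Trusted Zone before configuring it, as an added example that is not Check Point code and uses no Check Point API or export format. It models zone membership as described above (anything outside the Trusted Zone falls into the Internet Zone) and flags missing loopback and over-broad ranges. All object names and ranges except All_Internet and LocalMachine_Loopback are constructed, and the /16 breadth threshold is an assumption.

```python
import ipaddress

# Constructed sample data: object names mapped to CIDR ranges. This is a review
# model only, not a format that SmartEndpoint reads or writes.
INITIAL_POLICY = {
    "All_Internet": ["0.0.0.0/0"],
    "LocalMachine_Loopback": ["127.0.0.1/32"],
}
TIGHTENED_POLICY = {
    "LocalMachine_Loopback": ["127.0.0.1/32"],
    "Corp_DNS": ["10.0.0.53/32"],          # hypothetical object
    "Corp_FileServers": ["10.0.20.0/24"],  # hypothetical object
    "VPN_Gateway_Range": ["192.0.2.16/28"],  # hypothetical object
}
LOOPBACK = ipaddress.ip_address("127.0.0.1")


def networks(policy):
    """Flatten a policy into (object name, ip_network) pairs."""
    return [(name, ipaddress.ip_network(cidr))
            for name, cidrs in policy.items() for cidr in cidrs]


def zone_of(policy, address):
    """Return 'Trusted' if any object contains the address, else 'Internet'."""
    ip = ipaddress.ip_address(address)
    hit = any(ip in net for _, net in networks(policy)
              if net.version == ip.version)
    return "Trusted" if hit else "Internet"


def audit(policy, max_prefix_bits=16):
    """List findings: loopback not trusted, or ranges broader than the threshold."""
    findings = []
    nets = networks(policy)
    if not any(LOOPBACK in net for _, net in nets if net.version == 4):
        findings.append("loopback 127.0.0.1 is not trusted")
    for name, net in nets:
        if net.prefixlen == 0:
            findings.append(f"{name}: {net} trusts every address")
        elif net.version == 4 and net.prefixlen < max_prefix_bits:
            findings.append(f"{name}: {net} is broader than /{max_prefix_bits}")
    return findings
```

Zone membership here says nothing about whether traffic is allowed; that decision belongs to the Firewall policy that consumes the zones.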