Internal Firewall Policy for a Dedicated DLP Gateway
A dedicated DLP Gateway enforces a predefined, fixed Internal firewall policy. This policy gives users access to the DLP Gateway for the UserCheck services: DLP Portal, UserCheck, and SMTP. The policy is made up of implied rules.
The Internal Firewall Policy on a dedicated DLP Gateway is not related to the Data Loss Prevention (DLP) Policy that is defined by the administrator in the Policy page of the Data Loss Prevention tab of SmartConsole. It is also not related to the Access Control Policy which is explicitly defined by the administrator in SmartConsole.
If you do an Install Policy:
- An integrated DLP Security Gateway enforces the Firewall Policy and the Data Loss Prevention (DLP) Policy.
- A dedicated DLP Gateway enforces the Internal Firewall Policy and the Data Loss Prevention (DLP) Policy.
Important - A dedicated DLP Gateway does not enforce the Firewall Policy, Stateful Inspection, anti-spoofing or NAT. Check Point recommends that you place it behind a protecting Security Gateway or firewall.
The Internal Firewall Policy lets users access these services and ports (and no others) on the DLP Gateway:
Feature | Service | TCP Port |
---|---|---|
DLP Portal | TCP HTTP | 80 |
 | TCP HTTPS | 443 |
UserCheck | TCP | 18300 |
 | TCP HTTPS | 443 |
WebUI | TCP | 4434 |
Reply-to-email | SMTP | 25 |
Secure Shell | SSH | 22 |
ICMP | ICMP requests | |
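An added example, not Check Point code: a check that compares nmap grepable (`-oG`) output from a scan of your own dedicated DLP Gateway against the TCP ports in the table above. The address `192.0.2.10`, the sample scan line and the function names are constructed for illustration; the ICMP row is not covered.

```python
import re

# TCP ports the table above lists as reachable on a dedicated DLP Gateway.
DOCUMENTED_TCP = {
    80: "DLP Portal (HTTP)",
    443: "DLP Portal / UserCheck (HTTPS)",
    18300: "UserCheck",
    4434: "WebUI",
    25: "Reply-to-email (SMTP)",
    22: "Secure Shell (SSH)",
}

# Constructed sample: one nmap -oG host line for a placeholder address.
SAMPLE_SCAN = (
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 25/open/tcp//smtp///, "
    "80/open/tcp//http///, 443/open/tcp//https///, 4434/filtered/tcp/////, "
    "8080/open/tcp//http-proxy///, 18300/open/tcp/////\n"
)

# Grepable port entries look like port/state/protocol/owner/service/...
PORT_RE = re.compile(r"(\d+)/([a-z|]+)/tcp/")

def open_tcp_ports(grepable):
    """Return {host: set of TCP ports reported open} from nmap -oG text."""
    hosts = {}
    for line in grepable.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comment lines and "Status:" lines
        host = line.split()[1]
        ports = line.split("Ports:", 1)[1].split("\t", 1)[0]
        found = {int(p) for p, state in PORT_RE.findall(ports) if state == "open"}
        hosts.setdefault(host, set()).update(found)
    return hosts

def audit(grepable):
    """Compare each host's open TCP ports with the documented list."""
    documented = set(DOCUMENTED_TCP)
    report = {}
    for host, found in open_tcp_ports(grepable).items():
        report[host] = {
            "unexpected": sorted(found - documented),     # open but not in the table
            "not_reachable": sorted(documented - found),  # in the table but not open
        }
    return report

if __name__ == "__main__":
    for host, result in audit(SAMPLE_SCAN).items():
        print(host, result)
```

A port under `unexpected` is reachable although the table does not list it; a port under `not_reachable` is usually blocked by the protecting firewall in front of the gateway.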