Gaia Hardening

This document describes the hardening of the Check Point GaiaClosed Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. operating system.

Components that are not necessary for a network security device, or that could cause security vulnerabilities, were removed.

Check Point Gaia R81 is based on Red Hat 7.6 version and the Linux kernel 3.10.0-957.

The applications removed from the operating system include X Windows, Office applications, games, and many other applications that are irrelevant to Firewall operations.

This document describes the remaining packages and modifications to the system.

Important Notes

  • RPMs not needed for network security services were removed.

  • The RPMs listed in this document refer to Check Point Gaia R81 version.

  • The list of RPMs does not include Check Point application packages that are installed on the Gaia system. The list only applies to the Gaia operating system hardening.

  • Gaia OS is derived from a Red Hat Linux distribution. The source code for these modified packages is available for review, as described in the License.txt file on the Gaia distribution media.

  • The hardening of some Gaia components, such as those requiring external network communications, was audited by Check Point staff and by an independent security consulting organization.