The Security Best Practices Compliance View

The Security Best Practices ComplianceClosed Check Point Software Blade on a Management Server to view and apply the Security Best Practices to the managed Security Gateways. This Software Blade includes a library of Check Point-defined Security Best Practices to use as a baseline for good Security Gateway and Policy configuration. view displays status information for each best practice.

The top table shows these details related to the best practice:

  • Active - Select to activate the best practice test. Clear to deactivate it.

  • Blade - Blade related to this best practice.

  • ID - Check Point Compliance ID assigned to the best practice.

  • Name - Name and brief description of the regulatory requirement related to the best practice.

  • Status - Poor, Medium, Good, Secure, or N/A. We recommend that you resolve "Poor" status items immediately.

The bottom section shows these items for the selected best practice test:

  • Description - Detailed description of the best practice test.

  • Action Item - Steps required to become compliant, including alternative scenarios.

  • Dependency - Shows when the selected best practice is dependent on another best practice. This test is only performed if the other best practice is compliant.

  • Relevant Objects - Objects related to the selected best practice test and their status. You can activate or deactivate the selected best practice test for specified objects (this section shows only when the best practice is applicable to specific objects.)

  • Relevant Regulatory Requirements - Link to a list of all the regulatory standards which are applicable to the best practice.

To search for a certain value, enter a string in the search box:

To search for a certain parameter in a specific field, enter: field name:string

To group results, select Blade or Status in the grouping field;

To sort search results by a certain field, click the field header.

Creating User-Defined Best Practices

You can define your own, custom Security Best Practices based on organizational security requirements.

Best Practice - We recommend that you run a manual scan after you create a new Security Best Practice. The scan reevaluates the Compliance status, to reflect any configuration changes. To do a manual scan . go to the Manage & Settings view > Blades > Compliance > Settings > click the Rescan button. You cannot perform any actions in the Compliance tab while the scan runs.

Activating and Deactivating Best Practice Tests

You can activate or deactivate enforcement of best practices by test, by Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources., by Software BladeClosed Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. or by other objects. Activation changes are applied after the next scan.

By default, all best practice tests are active.

Best Practice - We recommend that you run a manual scan after you activate or deactivate best practice tests. The scan reevaluates the compliance status, to reflect any configuration changes. To do a manual scan, go to the Manage & Settings view > Blades > Compliance > Settings > click the Rescan button. You cannot perform any actions in the Compliance tab while the scan runs.