We like SmartDefense and have been using it for three years (we're on R55
now). It shows us a lot of things we never would have looked for
specifically. The ability to enforce standards, like no binary in HTTP
headers as well as the ability of SmartDefense to block many peer-to-peer
programs is not only a good preventive measure, it alerts us to people doing
things they should not be doing.
Has it caused an occasional issue? Yes, but I think all such systems will do
that. The key is this:
Before updating SmartDefense, push the policy with a database revision
backup. This not only stores the policy for restore, it stores all of the
SmartDefense settings and definitions.
If you see an issue caused by a recent update (we've only had one in three
years), you can restore the backup and all is well.
We only have a few employee-only web servers that run through FW-1. We keep
all of our public sites at other providers to reduce us being a target and
to keep our bandwidth usage low. We are using some of the available web
server protections on these employee-only systems. Before turning them on,
we used to see a lot of hits in the URLScan log of the web servers. Once we
activated the FW-1 protections, the URLScan logs have almost no entries, so
the FW-1 protections are doing their job.
HTH,
Ray
From: Erin Young <y_erin AT HOTMAIL DOT COM>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] SmartDefense Opinion
Date: Fri, 14 Jul 2006 13:05:34 +0000
I am looking to implement further protection for the nodes on my network
and I am trying to get a general consensus on the value of SmartDefense and
WebIntelligence. In other words what have the experiences been good and
bad? Thanks
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
