Firewall-1

Re: [FW-1] stop SmartDefence on remotely managed Edge

Subject: Re: [FW-1] stop SmartDefence on remotely managed Edge
From: Rick Centner <rcentner AT TELEFLEX DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Thu, 20 Jul 2006 11:32:11 -0400
I feel they still need to do a lot of work on these SofaWare boxes.
I just finished evaluating an Edge box and it was ok for very basic stuff
but after turning on a few security settings the box just crapped out.
I could barely get a 600MB iso through. It would fail a majority of the
time. To pay that much money for a dog just isn't worth it. Rather build
my own splat box.

Ray wrote:

> This question might be answered faster over on the Discussion Groups of
> http://www.sofaware.com (lower left part of the home page). Their tech
> support people monitor the forums and post replies as well as it being
> used for user-to-user support.
> 
> Ray
> 
>> From: Motta Corrado <Corrado.Motta AT RTSI DOT CH>
>> Reply-To: Mailing list for discussion of Firewall-1             
>> <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>> To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>> Subject: [FW-1] stop SmartDefence on remotely managed Edge
>> Date: Thu, 20 Jul 2006 14:48:10 +0200
>>
>> Hi Gurus.
>>
>> Situation:
>> ----------
>> Central managed CP on Splat R61
>> Remote X-edge Embedded NGX-6.0.76x
>>
>> SmartDefence on the R61 has this configuration in
>> Application Intelligence:
>> FTP
>>   |--> FTP security server
>>         |--> Block Port Overflow turned off (not checked)
>>         |--> Blocked FTP command with all commands inside the "allowed commands list"
>>
>> SmartDefence on the NGX-6.0.76x has this configuration:
>> FTP
>>  |--> Block Port Overflow: Action None (via web interface)
>>  |--> Blocked FTP command: Action None (via web interface)
>>                    no blocked commands
>>
>> Problem:
>> --------
>> I install the policy on the xEdge via SmartConsole
>> and the settings change into:
>> FTP
>>  |--> Block Port Overflow: Action Block
>>  |--> Blocked FTP command: Action Block
>>                    no blocked commands
>>
>> Symptoms:
>> - Nobody is able to set up an FTP session through the xEdge.
>> - The logs are like this one:
>>      Product:              VPN-1 Edge
>>     Origin:                xEdge
>>     Type:                  Log
>>     Action:                Reject
>>     Protocol:             tcp
>>     Service:              ftp (21)
>>     Source:               a.a.a.a
>>     Destination:           b.b.b.b
>>     Rule:                  -22
>>     Source Port:           3097
>>     Attack Name:          FTP Illegal command
>>     File Direction:        Outbound
>>     Information:            msg: Packet logged
>>
>> - If I try to change the setting on the xEdge: "Error: This
>> configurable item is remotely managed."
>> - xEdge restart ==> no problem if I try to change the setting on
>> the xEdge, and all the FTP sessions run correctly.
>>
>> I think that's a bug.
>> While waiting for the bug resolution,
>> I would like to know if it is possible to disable the "SmartDefence
>> agent" on the xEdge?
>>
>> Regards
>>
>> Corrado
>>
>> ******************************************************
>> Visit: http://www.rtsi.ch
>> This email and any files transmitted with it are confidential and
>> intended solely for the use of the individual or entity to whom they
>> are addressed. If you have received this email in error please notify
>> postmaster AT rtsi DOT ch
>>
>> =================================================
>> To set vacation, Out-Of-Office, or away messages,
>> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>> in the BODY of the email add:
>> set fw-1-mailinglist nomail
>> =================================================
>> To unsubscribe from this mailing list,
>> please see the instructions at
>> http://www.checkpoint.com/services/mailing.html
>> =================================================
>> If you have any questions on how to change your
>> subscription options, email
>> fw-1-owner AT ts.checkpoint DOT com
>> =================================================

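Added example, not part of the original messages: a small Python triage script that parses log records in the key/value layout quoted in the thread and counts rejects that carry an Attack Name, to confirm how many FTP failures are attributed to the protection after a policy install. The sample records are constructed (the first is an abridged copy of the record posted above), and a blank-line-separated plain-text export is an assumption.

```python
from collections import Counter

# Constructed sample: record 1 abridges the one quoted in the thread; 2 and 3 are invented.
SAMPLE = """\
Origin: xEdge
Action: Reject
Protocol: tcp
Service: ftp (21)
Rule: -22
Attack Name: FTP Illegal command
Information: msg: Packet logged

Origin: xEdge
Action: Accept
Service: http (80)
Rule: 3

Origin: xEdge
Action: Reject
Service: ftp (21)
Rule: -22
Attack Name: FTP Illegal command
"""

def parse_records(text):
    """Split blank-line-separated records into dicts of field -> value."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = {}
        for line in block.splitlines():
            # First colon only: values like "msg: Packet logged" contain colons.
            key, sep, value = line.partition(":")
            if sep:
                rec[key.strip()] = value.strip()
        records.append(rec)
    return records

def protection_rejects(records):
    """Count rejects that name a protection, keyed by (origin, service, attack)."""
    return Counter(
        (r.get("Origin"), r.get("Service"), r["Attack Name"])
        for r in records
        if r.get("Action") == "Reject" and r.get("Attack Name")
    )

if __name__ == "__main__":
    for key, n in protection_rejects(parse_records(SAMPLE)).items():
        print(n, *key)
```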