Thursday, September 12, 2013

CheckPoint Firewall Virtualization and Installation

Step-by-step installation of CheckPoint Virtual Machine


VPN-1 is a stateful firewall which also filters traffic by inspecting the application layer. It was the first commercially available software firewall to use stateful inspection. Later (1997), Check Point registered U.S. Patent # 5,606,668 on their security technology that, among other features, included stateful inspection. VPN-1 functionality is currently bundled within all the Check Point's perimeter security products. The product, previously known as FireWall-1, is now sold as an integrated firewall and VPN solution.VPN-1 is one of the few firewall products that is still owned by its creators (Check Point Software Technologies). 

In this short, pictured guide I have installed and configured a Virtual Machine using the ESXi hypervisor to be used as the test scenario base ground. Let us now walk trough the screenshot guide of creating the machine and installing the actual firewall. First we should define the Machine Version, the newest version is preffered.


The next thing is to choose the Other Linux predefined Virtual machine template.


We can choose then as much CPU a virtualized setup has, I have choosen 1. The VM should have minimum 512 MB ram. I am installing R65 Version of the VPN-1 Firewall. Next step is to assign the network connected to the VM. In initial setup I have configured one NIC for administration, and later on one can use as many networks as needed.


I have allocated 12 GB of free space on the hypervisor subsystem storage. In real producation scenarios this should be a lot more.


The important final step is to assign the boot image of the downloaded R65 Firewall ISO image. 



After the machine boots, the automatic extraction of the ISO image is started. The initial setup of the CheckPoint r65 VPN-1 has started.


After the welcome screen , we press any key and the extraction of setup files begin.


If everything goes well during this setup, the SecurPlatform installation should then format the partitions it needs to boot the Firewall.


After the formating setups needs to restart and we should get the login screen. On first logon the Secure platform needs to have a new password and the user. The IP address assigned by the internal NIC of the R65 should be used as the one for the HTTP GUI administration.


So finally we are done with the console setup and we can type in the administration address in out Browser. The Google Chrome is not supported so I am ussing the Internet Explorer.


Now the last thing one needs to do is to type in the username and the password and the CheckPoint journey can begin. More to come on configs and scenarios simulations.

Feel free to comment.

No comments:

Post a Comment