Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
NONE, and not Hardware, as previously documented.
26 August 2010 - First release of this document.
Feedback
Check Point is engaged in a continuous effort to improve its documentation. Please help us by sending your comments (mailto:cp_techpub_feedback@checkpoint.com?subject=Feedback on UTM-1 Getting Started Guide).
Health and Safety Information
Read the following warnings before setting up or using the appliance.
Warning - Do not block air vents. A minimum 1/2-inch clearance is required.
Warning - This appliance does not contain any user-serviceable parts. Do not remove any covers or attempt to gain access to the inside of the product.
Disconnect the system board power supply from its power source before you connect or disconnect cables or install or remove any system board components. Failure to do this can result in personnel injury or equipment damage. ...
Canadian Department Compliance Statement: This Class A digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe A est conforme à la norme NMB-003 du Canada.
Japan Class A Compliance Statement:
European Union (EU) Electromagnetic Compatibility Directive
This product is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility Directive (2004/108/EC).
Contents
Important Information (page 3)
Health and Safety Information (page 4)
Introduction (page 9)
Welcome (page 9)
UTM-1 Overview (page 9)
This document provides: (page 10)
Shipping Carton Contents (page 11)
Terminology (page 11)
Configuring UTM-1 (page 13)
Installing UTM-1 in the Rack (page 13)
Connecting Power Cables and Powering On (page 14)
Available Software Images (page 14)
Initial Configuration (page 14)
Using the First Time Configuration Wizard on Gaia (page 16) ...
First Time Login to the Security Management Server (page 25)
Login Process (page 25)
Authenticating and Fingerprint Comparison (page 25)
Configure and Install the Security Policy (page 25)
Create a New Policy Package (page 26)
Define a Host (page 26)
Define a Network ...
Point Web site (http://www.checkpoint.com), or call Check Point at 1(800) 429-4391. For more technical information about Check Point products, consult the Check Point Support Center (http://supportcenter.checkpoint.com).
Welcome to the Check Point family. We look forward to meeting all of your current and future network, application and management security needs.
UTM-1 Overview
Check Point UTM-1 delivers integrated unified threat management to protect your organization from today's emerging threats.
Introduction UTM-1 supports the Check Point Software Blade architecture, providing independent, modular and centrally managed security building blocks. Software Blades can be quickly enabled and configured into a solution based on specific security needs. The following Software Blades are included in UTM-1: Security Gateway Software Blades ...
Locally managed deployment: When all Check Point components responsible for both the management and enforcement of the security policy (the Security Management server and the gateway) are installed on the same machine.
Centrally managed deployment: When the gateway and the Security Management server are installed on separate machines.
UTM-1 cluster: Refers to two UTM-1 devices with synchronized Security Management servers and gateways.
12 | UTM-1 Getting Started Guide...
Chapter 2 Configuring UTM-1
In This Chapter
Installing UTM-1 in the Rack
Connecting Power Cables and Powering On
Available Software Images
Initial Configuration
Using the First Time Configuration Wizard on Gaia
Using the First Time Configuration Wizard on SecurePlatform
Installing the SmartConsole GUI Clients
First Time Login to the Security Management Server
Configure and Install the Security Policy
Advanced Configuration...
Connecting Power Cables and Powering On
For UTM-1 130
1. Connect the power cable to the power supply unit.
2. Connect the power supply unit to the power port at the rear of the appliance.
3. Connect the power cable to an A/C outlet. UTM-1 turns on immediately.
Go to the applicable section:
Using the First Time Configuration Wizard on Gaia (on page 16)
Using the First Time Configuration Wizard on SecurePlatform (on page 21)
Using the First Time Configuration Wizard on Gaia
Use the First Time Configuration Wizard to do the initial configuration of the Gaia appliance.
Note - The pages that you see in the wizard depend on the software image and the options you select. You will not see all the pages that are in this section.
If you select a SecurePlatform software image, use the SecurePlatform First Time Configuration Wizard to configure the appliance.
Authentication Details
The default password gives you access to the appliance. For security purposes, change it to a more secure password.
Date and Time Setup
Set the system time and date for the appliance: ...
Wizard, you can remove this interface in the Interface Management > Network Interfaces page.
DHCP Server - You can configure the Gaia appliance to be a Dynamic Host Configuration Protocol (DHCP) server.
To define a DHCP server on the Gaia appliance INT interface:
1.
High Availability, see the applicable version of the Security Management Administration Guide. Search for these guides in the Support Center (http://supportcontent.checkpoint.com/solutions?id=sk67581).
Security Management Administrator
Note - You only see this page when the Gaia appliance is a Security Management server.
Define the name and password of an administrator that can connect to the Security Management server using SmartConsole clients.
Dynamically Assigned IP
Note - You see this page when the appliance is a Security Gateway.
A Dynamically Assigned IP (DAIP) gateway is a gateway where the external interface IP address is assigned dynamically by the ISP. Select this option if this Security Gateway uses dynamically assigned IP addresses.
Secure Internal Communication (SIC)
Define the Secure Internal Communication (SIC) Activation Key.
Using the First Time Configuration Wizard on SecurePlatform
Do the initial configuration of the SecurePlatform appliance with the First Time Configuration Wizard.
Note - The pages that you see in the wizard depend on the software image and the options you select. You will not see all the pages that are in this section.
Welcome
The Welcome page summarizes the steps of the First Time Configuration Wizard.
Appliance Date and Time Setup
Configure date and time in the Date and Time Setup page. Click Apply.
Network Connections
Configure the network connections in the Network Connections page. You can change the Management IP address.
Type page) requires you to install the SmartConsole applications. In the Download SmartConsole Applications window, you can download SmartConsole and install it on Windows machines. The release notes of your Check Point version, in the Check Point Support Center (http://supportcenter.checkpoint.com), list compatible Windows operating systems for SmartConsole.
Centrally Managed Deployment
This section describes how to configure the appliance for centrally managed deployment.
Gateway Type
Configure the gateway type for a Centrally Managed UTM-1.
Web/SSH and GUI Clients Configuration
Define the clients that are allowed to connect to the appliance using a web browser or SSH client.
The WebUI menu can be accessed by navigating to https://<appliance_ip_address>:4434 using Internet Explorer.
1. Log in to the WebUI with the administrator username and password.
2. Download the SmartConsole Installation package Product Configuration > Download SmartConsole > Download.
First Time Login to the Security Management Server
Login Process
In a Locally Managed deployment, the Security Management server is included in UTM-1.
The following is a very simple Firewall rule base: Source Destination Service Action Track Network Object http Accept https Network Object Accept Host Object Accept Host Object telnet Accept Drop The last rule in the rule base, known as the Cleanup Rule, is to drop all traffic that is not permitted by the previous rules.
4. From the Translation Method drop down menu, select Hide, and the option Hide behind Gateway, and click OK.
Define a Network
Define the networks to be used in the Firewall Rule Base.
To define a network:
1. Click Manage > Network Objects > New > Network.
2.
Install a Policy Package
To install a Policy Package:
1. Create a policy using the security rule base.
2. Click Policy > Install from the menu.
3. Choose the installation components:
a) Installation Targets - the Security Gateways on which the policy is installed. By default, all gateways that are managed by the Security Management server are available for selection.
Connecting to the UTM-1 CLI
You can connect to the command line interface of the UTM-1 appliance using:
The provided serial console cable (DTE to DTE) and terminal emulation software such as HyperTerminal (from Windows) or Minicom (from Unix/Linux systems). Connection parameters for UTM-1 appliances are: 9600bps, no parity, 1 stop bit (8N1), flow control None.
Chapter 3 UTM-1 Hardware
In This Chapter
UTM-1 130 Ports
LEDs on the UTM-1 130
LEDs on all other UTM-1 Models
Managing UTM-1 Using the LCD Panel
This chapter contains information relating to the UTM-1 appliance LEDs, ports and LCD panel.
UTM-1 130 Ports
At the front of the appliance, UTM-1 130 has the following ports: ...
Console port - for managing the appliance using RS-232 serial communication. Use the supplied serial cable.
The UTM-1 appliance has a single power port at the rear: Connect the power supply unit to this port.
LEDs on the UTM-1 130
The front of the UTM-1 130 appliance has many LEDs, as shown.
LEDs on all other UTM-1 Models
Note - This section does not apply to UTM-1 130.
The purpose and meaning of the various LEDs are as follows:
Power On/Off Indicator: This green light is lit when the machine is ON. When the machine is OFF, the light is off.
Menu Options
Menu | Sub-menu | Purpose
Network | DHCP | Enable or disable IP address allocation using DHCP
Network | Set Internal IP / Set Mgmt IP | Set the management interface IP address (cannot be edited when DHCP is enabled)
Network | Set Netmask | Set the management interface network mask (cannot be edited when DHCP is enabled)
When Entering an IP Address
Press
Move to the next digit
Move back to the previous digit
Approve the change when the cursor is located on the last digit
Cancel the IP change when the cursor is located on the first digit
Change current digit
Chapter 4 Restoring Factory Defaults
In This Chapter
Restoring Using the WebUI
Restoring Using the Console Boot Menu
Restoring Using the LCD Panel
As part of the troubleshooting process, it may be necessary to restore the UTM-1 appliance to its factory default settings. A UTM-1 appliance can be restored to the factory default image: ...
The Factory Defaults window opens.
4. Select the image version that you are restoring.
5. Click Apply.
SecurePlatform
Use the SecurePlatform WebUI to restore the default factory settings.
To restore a SecurePlatform appliance with the WebUI:
1. Open Internet Explorer and navigate to the management IP address, https://<appliance_ip_address>:4434
2.
8. The appliance initializes and status messages are shown in the terminal emulation program.
9. When this message is shown, you have approximately four seconds to hit any key to activate the Boot menu.
10. From the Boot menu, select the relevant Reset to factory defaults image.
11.
Pressing any other button causes the Action Canceled message to display:
At this point, pressing any key returns you to the boot menu.
5. If you confirmed the reset by pressing the Arrow Up button in step 4, wait for the appliance to restore the factory image.
Check Point software. Check Point documentation is available on the Check Point Support Center (http://supportcenter.checkpoint.com). Be sure to also use the Online Help when you are working with the Check Point SmartConsole clients.