Peb txuas ntxiv cov kab lus ntawm kev ua haujlwm nrog SMB CheckPoint qauv tshiab, cia peb nco ntsoov koj hauv peb tau piav qhia txog cov yam ntxwv thiab kev muaj peev xwm ntawm cov qauv tshiab, kev tswj hwm thiab kev tswj hwm. Niaj hnub no peb yuav saib cov xwm txheej xa mus rau cov qauv qub hauv koob: CheckPoint 1590 NGFW. Nov yog cov ntsiab lus ntawm qhov no:
- Unpacking cov cuab yeej (pib piav qhia ntawm cov khoom, lub cev thiab kev sib txuas hauv network).
- Cov cuab yeej pib pib.
- Kev teeb tsa thawj zaug.
- Kev ntsuas kev ua haujlwm.
Unpacking Khoom
Kev paub txog cov cuab yeej pib nrog kev tshem tawm cov khoom siv los ntawm lub thawv, disassembling Cheebtsam thiab txhim kho qhov chaw; nyem rau ntawm qhov spoiler, qhov twg cov txheej txheem tau qhia luv luv.
Kev xa khoom ntawm NGFW 1590
Luv luv txog cov ntsiab lus:
- NWS 1590;
- Fais fab adapter;
- 2 Wifi Kav hlau txais xov (2.4 Hz thiab 5 Hz);
- 2 LTE kav hlau txais xov;
- Cov phau ntawv nrog cov ntaub ntawv (cov lus qhia luv luv rau kev sib txuas pib, daim ntawv cog lus, thiab lwm yam)
Raws li rau lub network ports thiab interfaces, muaj tag nrho cov niaj hnub muaj peev xwm rau kev sib kis thiab kev sib cuam tshuam, ib qho chaw nres nkoj cais rau thaj tsam DMZ, USB 3.0 rau synchronization nrog lub PC.
Version 1590 tau txais kev tsim kho tshiab, kev xaiv niaj hnub rau kev sib txuas lus wireless thiab nco nthuav dav: 2 qhov rau kev ua haujlwm nrog Micro / Nano SIM hauv LTE hom. (peb npaj los sau txog qhov kev xaiv no kom ntxaws hauv ib qho ntawm peb cov kab lus txuas ntxiv hauv cov koob tshwj xeeb rau kev sib txuas wireless); SD daim npav qhov.
Koj tuaj yeem nyeem ntxiv txog lub peev xwm ntawm 1590 NGFW thiab lwm yam qauv tshiab hauv los ntawm cov kab lus hais txog CheckPoint SMB kev daws teeb meem. Peb yuav mus rau qhov pib pib ntawm lub cuab yeej.
Thawj qhov pib
Peb cov neeg nyeem tsis tu ncua yuav tsum paub tias 1500 Series SMB kab siv 80.20 Embedded OS tshiab, uas suav nrog kev hloov kho tshiab thiab muaj peev xwm txhim kho.
Txhawm rau pib pib lub cuab yeej koj yuav tsum:
- Muab lub zog rau lub rooj vag.
- Txuas lub network cable los ntawm koj lub PC mus rau LAN -1 ntawm lub rooj vag.
- Optionally, koj tuaj yeem muab cov cuab yeej siv Is Taws Nem tam sim ntawd los ntawm kev txuas lub interface mus rau WAN chaw nres nkoj.
- Mus rau Gaia Embedded portal:
Yog tias koj ua raws li cov kauj ruam dhau los, tom qab ntawd mus rau nplooj ntawv Gaia portal, koj yuav tsum paub meej tias qhib nplooj ntawv nrog daim ntawv pov thawj tsis ntseeg, tom qab ntawd qhov chaw teeb tsa lub vev xaib yuav pib:
Koj yuav tau txais tos los ntawm nplooj ntawv qhia tus qauv ntawm koj lub cuab yeej, koj yuav tsum mus rau ntu tom ntej:
Peb yuav raug hais kom tsim ib tus account rau kev tso cai, nws muaj peev xwm hais kom meej tus password siab rau tus thawj coj, thiab peb qhia lub teb chaws uas peb yuav siv lub rooj vag.
Lub qhov rais tom ntej no txhawj xeeb txog hnub thiab lub sijhawm teeb tsa; koj tuaj yeem teeb nws manually lossis siv lub tuam txhab NTP server.
Cov kauj ruam tom ntej no suav nrog kev teeb tsa lub npe rau lub cuab yeej thiab qhia lub tuam txhab sau npe kom cov kev pabcuam rooj vag ua haujlwm raug hauv Is Taws Nem.
Cov kauj ruam tom ntej yog hais txog kev xaiv ntawm NGFW tswj hom, ntawm no nws yuav tsum tau sau tseg:
- Local Management. Qhov no yog ib qho kev xaiv muaj los tswj lub rooj vag hauv zos siv Gaia Portal lub vev xaib.
- Central Management. Hom kev tswj no suav nrog synchronization nrog lub siab CheckPoint Management server, synchronization nrog Smart1-Cloud huab lossis nrog SMP (kev pabcuam rau SMB).
Hauv tsab xov xwm no, peb yuav tsom mus rau Txoj Kev Tswj Xyuas Hauv Zos; koj tuaj yeem teev cov qauv uas tsim nyog. Txhawm rau paub koj tus kheej nrog cov txheej txheem ntawm synchronization nrog rau Kev Tswj Xyuas Kev Ua Haujlwm, peb xav los ntawm CheckPoint Tau Txais Pib Kev cob qhia series npaj los ntawm TS Solution.
Tom ntej no, lub qhov rais yuav raug nthuav tawm txhais cov kev khiav hauj lwm hom ntawm lub interfaces ntawm lub rooj vag:
- Hloov hom txhais tau hais tias muaj cov subnet los ntawm ib qho interface mus rau subnet ntawm lwm qhov interface.
- Lub Disable Switch hom raws li lov tes taw Hloov hom; txhua qhov chaw nres nkoj khiav tsheb mus rau ib qho kev sib cais network.
Nws kuj tau thov kom qhia meej lub pas dej ntawm DHCP chaw nyob uas yuav siv tau thaum txuas mus rau lub zos interfaces ntawm lub rooj vag.
Cov kauj ruam tom ntej yog txhawm rau teeb tsa lub rooj vag mus ua haujlwm hauv hom wireless; peb npaj los tham txog qhov no hauv kev nthuav dav ntxiv hauv ib tsab xov xwm hauv koob, yog li peb ncua qhov kev teeb tsa ntawm cov chaw. Koj tuaj yeem tsim qhov chaw nkag wireless tshiab, teeb tsa tus password rau txuas rau nws thiab txiav txim siab ua haujlwm ntawm lub wireless channel (2.4 Hz lossis 5 Hz).
Cov kauj ruam tom ntej yuav yog teeb tsa kev nkag mus rau lub rooj vag rau cov thawj coj hauv tuam txhab. Los ntawm lub neej ntawd, cov cai nkag tau raug tso cai yog tias kev sib txuas los ntawm:
- Internal tuam txhab subnet
- Trusted wireless network
- VPN qhov
Qhov kev xaiv los txuas rau lub rooj vag ntawm Is Taws Nem yog neeg xiam los ntawm lub neej ntawd, qhov no ua rau muaj kev pheej hmoo loj thiab yuav tsum muaj kev ncaj ncees rau kev suav nrog, txwv tsis pub nws raug pom zoo kom tso nws raws li hauv peb qhov piv txwv. mus txuas rau lub rooj vag.
Lub qhov rais tom ntej no cuam tshuam txog kev ua kom cov ntawv tso cai; thaum pib pib ntawm lub cuab yeej, koj yuav raug nthuav tawm nrog 30-hnub mus sib hais. Muaj ob txoj hauv kev ua kom muaj:
- Yog tias muaj kev sib txuas hauv Is Taws Nem, daim ntawv tso cai qhib tau txais.
- Yog tias koj qhib daim ntawv tso cai offline, koj yuav tsum ua cov hauv qab no: rub tawm daim ntawv tso cai los ntawm UserCenter, sau npe koj lub cuab yeej ntawm qhov tshwj xeeb . Tom ntej no, rau ob qho tib si, koj yuav tsum tau import daim ntawv tso cai downloaded manually.
Thaum kawg, lub qhov rais kawg hauv qhov chaw wizard qhia koj xaiv cov hniav kom qhib; nco ntsoov tias QOS hniav tau qhib tsuas yog tom qab pib pib. Koj yuav tsum xaus nrog lub qhov rais ua tiav uas qhia txog koj qhov chaw.
Kev teeb tsa thawj zaug
Ua ntej tshaj plaws, peb pom zoo kom kuaj xyuas cov xwm txheej ntawm daim ntawv tso cai; ntxiv kev teeb tsa yuav nyob ntawm qhov no. Mus rau "HOME" β "License" tab:
Yog tias cov ntawv tso cai raug qhib, peb pom zoo kom hloov kho tam sim rau qhov tseeb tam sim no firmware; ua li no, mus rau "DEVICE" β "System Operations" tab:
Cov kev hloov kho tshiab nyob rau hauv cov khoom Firmware Upgrade. Hauv peb qhov xwm txheej, tam sim no thiab qhov tseeb firmware version raug teeb tsa.
Tom ntej no, kuv thov kom luv luv tham txog lub peev xwm thiab kev teeb tsa ntawm lub tshuab hniav. Raws li txoj cai, lawv tuaj yeem muab faib ua Access (Firewall, Application Control, URL Filtering) thiab Kev Tiv Thaiv Kev Nyab Xeeb (IPS, Antivirus, Anti-Bot, hem emulation) qib cov cai.
Cia peb mus rau Txoj Cai Nkag Mus β Blade Control tab:
Los ntawm lub neej ntawd, STANDARD hom yog siv, nws tso cai rau cov tsheb khiav mus rau hauv Is Taws Nem, tsheb khiav hauv lub zos network, tab sis tib lub sij hawm thaiv kev nkag los ntawm Is Taws Nem.
Raws li rau APPLICATIONS & URL FILTERING cov hniav, los ntawm lub neej ntawd lawv tau teeb tsa los thaiv cov chaw uas muaj kev phom sij siab, thaiv kev sib pauv daim ntawv thov (Torrent, File Storage, thiab lwm yam). Koj tseem tuaj yeem thaiv pawg ntawm cov vev xaib manually.
Cia peb tshawb xyuas qhov kev xaiv rau cov neeg siv tsheb "Txheej txheem bandwidth siv daim ntawv thov" nrog lub peev xwm los txwv qhov nrawm ntawm kev tawm mus / nkag mus rau cov pab pawg ntawm cov ntawv thov.
Tom ntej no, qhib Txoj Cai ntu ntu; los ntawm lub neej ntawd, cov cai raug tsim tawm raws li cov lus piav qhia yav dhau los.
NAT subsection los ntawm lub neej ntawd ua haujlwm hauv Ntiaj Teb Hide Nat Automatic, piv txwv li txhua tus tswv tsev sab hauv yuav nkag mus rau Is Taws Nem los ntawm pej xeem IP chaw nyob. Nws muaj peev xwm los teeb tsa NAT cov cai rau kev tshaj tawm koj lub vev xaib lossis cov kev pabcuam.
Tom ntej no, ntu uas cuam tshuam txog Tus Neeg Siv Kev lees paub hauv lub network muaj ob txoj kev xaiv: Cov Lus Nug Cov Lus Qhia Ua Haujlwm (kev koom ua ke nrog koj AD), Browser-Based-Authentication (tus neeg siv nkag mus rau cov ntaub ntawv pov thawj hauv lub portal).
Nws tsim nyog hais txog kev tshuaj xyuas SSL cais; qhov sib koom ntawm tag nrho HTTPS tsheb khiav ntawm lub Ntiaj Teb Network tau nce zuj zus. Cia peb saib seb qhov nta CheckPoint muaj rau SMB cov kev daws teeb meem, ua li no, mus rau SSL-Inspection β Txoj Cai Tshooj:
Hauv qhov chaw koj tuaj yeem tshawb xyuas HTTPS tsheb; koj yuav tsum tau import daim ntawv pov thawj thiab nruab rau hauv qhov chaw pov thawj ntseeg siab ntawm cov neeg siv khoom kawg.
Peb xav txog BYPASS hom rau cov pawg uas tau teev ua ntej los ua ib qho kev xaiv yooj yim; qhov no txuag lub sij hawm thaum ua kom muaj kev tshuaj xyuas.
Tom qab teeb tsa cov cai ntawm Firewall / Daim Ntawv Thov Qib, koj yuav tsum mus rau kev kho cov cai tswj kev nyab xeeb (Kev Tiv Thaiv Kev Nyab Xeeb), ua li no, mus rau ntu tsim nyog:
Ntawm nplooj ntawv qhib peb pom cov ntawv qhib, kos npe thiab cov xwm txheej hloov tshiab. Peb kuj raug nug kom xaiv ib qhov profile rau kev tiv thaiv lub network perimeter, thiab cov teeb tsa sib raug tau tshwm sim.
Ib ntu cais "IPS Kev Tiv Thaiv" tso cai rau koj los teeb tsa qhov kev txiav txim rau kev kos npe tshwj xeeb kev ruaj ntseg.
Tsis ntev dhau los peb tau sau rau ntawm peb qhov blog rau Windows Server - SigRed. Cia peb kuaj xyuas nws qhov muaj nyob hauv Gaia Embedded 80.20 los ntawm kev nkag mus rau cov lus nug "CVE-2020-1350"
Cov ntaub ntawv tau raug kuaj pom rau qhov kos npe no uas ib qho ntawm cov kev ua haujlwm tuaj yeem siv tau. (los ntawm lub neej ntawd Tiv thaiv rau qib txaus ntshai yog qhov tseem ceeb). Raws li, muaj kev daws teeb meem SMB, koj yuav tsis raug tso tseg raws li kev hloov tshiab thiab kev txhawb nqa; qhov no yog qhov ua tiav NGFW kev daws teeb meem rau cov ceg haujlwm txog li 200 tus neeg los ntawm CheckPoint.
Kev ntsuas kev ua tau zoo
Thaum kawg ntawm tsab xov xwm, kuv xav kom nco ntsoov qhov muaj cov cuab yeej rau kev daws teeb meem tom qab qhov pib pib thiab teeb tsa ntawm SMB kev daws teeb meem. Koj tuaj yeem mus rau "HOME" β "Tools" seem. Cov kev xaiv ua tau:
- saib xyuas qhov system cov peev txheej;
- routing rooj;
- tshawb xyuas qhov muaj ntawm CheckPoint huab kev pabcuam;
- CPinfo tiam;
Built-in network commands kuj muaj: Ping, Traceroute, Traffic Capture.
Yog li, hnub no peb tau tshuaj xyuas thiab kawm txog kev sib txuas thiab kev teeb tsa ntawm NGFW 1590, koj yuav ua cov haujlwm zoo sib xws rau tag nrho 1500 SMB Checkpoint series. Cov kev xaiv muaj qhia peb qhov sib txawv ntawm qhov chaw, kev txhawb nqa rau cov txheej txheem niaj hnub ntawm kev tiv thaiv kev khiav tsheb ntawm lub network perimeter.
Niaj hnub no, CheckPoint cov kev daws teeb meem rau kev tiv thaiv cov chaw ua haujlwm me thiab cov ceg ntoo (txog 200 tus neeg) muaj ntau yam cuab yeej thiab siv cov thev naus laus zis tshiab (kev tswj hwm huab, kev txhawb nqa SIM daim npav, nco nthuav dav siv SD phaib, thiab lwm yam). Txuas ntxiv kom paub thiab nyeem cov ntawv los ntawm TS Solution, peb tab tom npaj kev tshaj tawm ntxiv ntawm ntu ntawm NGFW CheckPoint ntawm SMB tsev neeg, ntsib koj!
. Nyob twj ywm (, , , , ).
Tau qhov twg los: www.hab.com