I had a great bargain on Ebay for a Check Point 1140 firewall while studying for my CCSA. This helped me put my Check Point knowledge to the test and got my feet wet in an actual deployment. I bought a Cisco ASA 5505 firewall last time, which helped me a lot during my CCNA/CCNP Security days. It also gave me the confidence in real world deployments such as configuring and installing Cisco ASA firewalls in my current job.
There's a great Check Point 1100 appliance guide posted in CPUG forum and here's the actual datasheet and initial guide from Check Point's website. Below is what the front and back panel looks like. It has a built-in switch with eight GigabitEthernet ports, a dedicated DMZ port and a WAN port. It also uses a 12-volt power brick/adapter, two USB (one in front and one at the back) and SD card slot and it got 2 rubber antennas.
Create an admin account and set its password, set the country, date/time, hostname, etc.
There's a great Check Point 1100 appliance guide posted in CPUG forum and here's the actual datasheet and initial guide from Check Point's website. Below is what the front and back panel looks like. It has a built-in switch with eight GigabitEthernet ports, a dedicated DMZ port and a WAN port. It also uses a 12-volt power brick/adapter, two USB (one in front and one at the back) and SD card slot and it got 2 rubber antennas.
My lovely daughter Sophia who just turned 4 this year (2016).
The Check Point appliance work seamlessly with Google Chrome web browser. To start the initial configuration wizard, type https://192.168.1.1:4434 in the web browser.
Create an admin account and set its password, set the country, date/time, hostname, etc.
Select Local management since this is a standalone deployment and there’s no separate appliance for the Security Management Server (for distributed architecture).
I’m using cable modem at home which uses DCHP for its WAN (external) connection.
Since this is a small home lab setup, I’ve created a
DCHP range to use 50 IP addresses (192.168.1.1 - 192.168.1.50) and excluded the
first 9 IPs: 192.168.1.2 – 192.168.1.10. The default gateway IP 192.168.1.1 is
automatically excluded.
I’ve used the same SSID and password
with my existing Cisco Linksys E1000 wifi router at home. Protected network means the
wireless network is protected by a password and authentication using WPA/WPA2
PSK.
I’ve allowed management access from the LAN/WLAN which is
Any IP address from the 192.168.1.0/24 subnet.
If you skip the Active License page, it will cause a 30-day
eval license countdown on the selected Software blades. I just activated the
Firewall, Remote Access and Site To Site VPN Software Blades since these have
no expiration.
If you select the Offline option, it will ask you to import
the Activation File which is downloaded via the Check Point User Center.
It will show a configuration summary page before committing the changes. Click Finish
to complete the setup wizard.
No comments:
Post a Comment