Check Point Firewall Security

If you run a Check Point firewall, make sure to tune some of its parameters, because it has something called implied rules, sometimes called rule number zero. For example, DNS and DHCP traffic is allowed by default.

To check the implied rules, go to View; on the last tab you will find the implied rules.


Which services you should disable depends on the security level you want; below is what I recommend. You can also disable the implied rules and insert regular rules in the firewall instead, so it's not a big deal.

Go to Policy -> Global Properties.


Then choose Firewall. This shows the implied rules as below; uncheck the ones pointed to with an arrow.


There are other rules under OSE, which can also be disabled.



Don't forget to install the new policy after you finish changing the rules, otherwise the changes won't take effect.

