♟️ 👊🏼 🎁 7.小型企业的NGFW。调优和一般建议 ↪️ 👂🏻 🕠

现在是时候完成有关新一代Check Point SMB（1500系列）的系列文章了。我们希望这对您来说是有益的经历，并且您将继续在TS Solution博客上与我们在一起。最后一篇文章的主题并未广泛涉及，但同样重要-调整SMB性能。在本文中，我们将讨论配置NGFW的硬件和软件的可能性，描述可用的命令和交互方法。

该系列中有关小型企业的NGFW的所有文章：

SMB - Gaia 80.20 Embedded. ( Management Server ) - NGFW.

Check Point SMB, , Appliance Sizing Tool, ( , .).

NGFW

NGFW SMB (CPU, RAM, HDD), SD-, , .
. Gaia 80.20 Embedded , CLI Expert
# ifconfig
, . NGFW, .

Gaia :

> show diag

. , 80.20 Embedded , SNMP-traps:


Interface disconnected
VLAN removed	Vlan
High memory utilization	RAM
Low disk space	HDD
High CPU utilization	CPU
High CPU interrupts rate
High connection rate
High concurrent connections
High Firewall throughput	Firewall
High accepted packet rate
Cluster member state changed
Connection with log server error	Log-Server

RAM. Gaia (Linux OC) , RAM 70-80% .
SMB- SWAP-, Check Point. , Linux <vm.swapsiness>, SWAP.

Gaia - 80.20.10. , CLI: Expert Linu . NGFW , . SMB.

Gaia OS

SecureXL
# fwaccel stat
# fw ctl multik stat
().
# fw ctl pstat
*
# cphaprob stat
Linux- TOP

, NGFW (, ) : , . - Management Server.

NGFW

( , Gaia)
# tail -f /var/log/messages2
C ( )
# tail -f /var/log/log/sfwd.elg
.
# dmesg

NGFW heck Point, , .

Application Control / URL Filtering

ANY, ANY (Source, Destination).
URL- : (^|..)checkpoint.com
(UserCheck).
, “SecureXL”. accelerated / medium path. ( Hits ).

HTTPS-Inspection

, 70-80% HTTPS-, , . , HTTPS-Inspection IPS, Antivirus, Antibot.

80.40 HTTPS- Legacy Dashboard, :

Bypass (Destination).
Bypass URL-.
Bypass IP c (Source).
Inspect ,
Bypass .

* HTTPS HTTPS Proxy, Any. Inspect.

IPS

IPS NGFW , . Check Point, SMB IPS.

, :

Optimized “Optimized SMB” ( ).
, IPS → Pre R80.Settings Server Protections.
CVE 2010, , . , Profile→ IPS→ Additional Activation → Protections to deactivate list

NGFW SMB (1500) , . . , !

Check Point TS Solution. — (Telegram, Facebook, VK, TS Solution Blog, .).

7.小型企业的NGFW。调优和一般建议

More articles: