In this blog, we will set up a Check Point lab using VirtualBox and GNS3 on Windows.
Introduction
In this lab we implement a basic security architecture to demonstrate the operation of a firewall cluster to protect our network. Our “security domain” is segmented into four zones:
- management: used only for the management, operation and control of equipment and services
- intranet: our secured resource
- internet: the untrusted network
- dmz: the (trusted) part of our network that faces the internet
Security topology
Our security topology is composed of two security gateways (SG) that are managed by a single security manager server (SM). The SG gateways (firewalls) are in the same cluster so that they appear as a single entity to the rest of the world.
A management PC is configured with Check Point utilities such as SmartDashboard, SmartUpdate and SmartView Tracker, and with PuTTY for remote access to the gateways and the manager over SSH. This PC belongs to the management network, which connects only management interfaces. This network is physically separated from the production traffic, although some resources (memory, CPU, disk) may be shared on individual physical nodes…
Three routers, which emulate the intranet, internet and dmz, are directly connected to both gateways: R3 connects the intranet resources, R2 simulates internet access and R1 our internet-exposed servers…