SlideShare ist ein Scribd-Unternehmen logo
Checkpoint R80.30
Installation on
John Fitzgerald (john.fitzgerald@internet.de) 1
Start der Installation
John Fitzgerald (john.fitzgerald@internet.de) 2
Checkpoint Firewall Installation
• Checkpoint in OpenNebula getestet:
• Version 77.30
• Version 80.10
• Version 80.20
• Version 80.30
• „Hardware Parameter R80.30 (1-5 Gateways)“
• Mindestens: 8GB RAM, 4 CPU, 4 vCPU, 300 GB HDD, 1 NIC
• m.p. Empfehlung: 16 GB RAM, 4 CPU, 4 vCPU, 500 GB HDD, 2NIC, 1+ Alias
John Fitzgerald (john.fitzgerald@internet.de) 3
Firewall in virtueller Umgebung
• Warum?
• Ist das nicht unsicher?
• Spectre…
• Meltdown…
• Seitennagriffe, Ausleseattacken
• Ja, aber: wie schütze ich meinen virtuellen Webserver in Public Clouds?
• Und: Nicht so unsicher in privater Cloud(!)
John Fitzgerald (john.fitzgerald@internet.de) 4
Installation
John Fitzgerald (john.fitzgerald@internet.de) 5
Vorteile einer guten Firewall
• Granulare Einstellungen
• NAT/PAT: IPs, Ports etc.
• Verschleierung des OS
• Nicht nur Paket Filtering, sondern Deep-Paket Inspection
• Intrusion Prevention System (wichtig: Anzahl der Patterns)
• VirenFilter
• SpamFilter
• VPN at ~ WireSpeed
• IP Tunnel Concentrator
• […]
John Fitzgerald (john.fitzgerald@internet.de) 6
Geo-Protection
John Fitzgerald (john.fitzgerald@internet.de) 7
IPS (Intrusion Prevention System)
John Fitzgerald (john.fitzgerald@internet.de) 8
SMB vs. Enterprise Quadrant
John Fitzgerald (john.fitzgerald@internet.de) 9
NMAP Scan Test
John Fitzgerald (john.fitzgerald@internet.de) 10
Ohne Firewall: mit Checkpoint Firewall:
Fragen?
John Fitzgerald (john.fitzgerald@internet.de) 11

Weitere ähnliche Inhalte

Ähnlich wie CheckPoint R80.30 Installation on OpenNebula

Integration von Security-Checks in die CI-Pipeline
Integration von Security-Checks in die CI-PipelineIntegration von Security-Checks in die CI-Pipeline
Integration von Security-Checks in die CI-Pipeline
OPEN KNOWLEDGE GmbH
 
2017 05 16_trend_micro_webinar_wanna_cry1_ppt
2017 05 16_trend_micro_webinar_wanna_cry1_ppt2017 05 16_trend_micro_webinar_wanna_cry1_ppt
2017 05 16_trend_micro_webinar_wanna_cry1_ppt
Andreas Pelka
 
Rex - Infrastruktur als Code
Rex - Infrastruktur als CodeRex - Infrastruktur als Code
Rex - Infrastruktur als Code
Jan Gehring
 
Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)
Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)
Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)
NETWAYS
 
stackconf 2020 | SecDevOps in der Cloud by Florian Wiethoff
stackconf 2020 | SecDevOps in der Cloud by Florian Wiethoffstackconf 2020 | SecDevOps in der Cloud by Florian Wiethoff
stackconf 2020 | SecDevOps in der Cloud by Florian Wiethoff
NETWAYS
 
Netzwerkmonitoring.pdf
Netzwerkmonitoring.pdfNetzwerkmonitoring.pdf
Netzwerkmonitoring.pdf
Westermo Network Technologies
 
PHP Summit 2013 - Make or Buy?
PHP Summit 2013 - Make or Buy?PHP Summit 2013 - Make or Buy?
PHP Summit 2013 - Make or Buy?
Sebastian Heuer
 
Tk roadschow-ipmi-pdeneu
Tk roadschow-ipmi-pdeneuTk roadschow-ipmi-pdeneu
Tk roadschow-ipmi-pdeneuWerner Fischer
 

Ähnlich wie CheckPoint R80.30 Installation on OpenNebula (8)

Integration von Security-Checks in die CI-Pipeline
Integration von Security-Checks in die CI-PipelineIntegration von Security-Checks in die CI-Pipeline
Integration von Security-Checks in die CI-Pipeline
 
2017 05 16_trend_micro_webinar_wanna_cry1_ppt
2017 05 16_trend_micro_webinar_wanna_cry1_ppt2017 05 16_trend_micro_webinar_wanna_cry1_ppt
2017 05 16_trend_micro_webinar_wanna_cry1_ppt
 
Rex - Infrastruktur als Code
Rex - Infrastruktur als CodeRex - Infrastruktur als Code
Rex - Infrastruktur als Code
 
Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)
Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)
Server Überwachung mit Icinga 2 (Webinar vom 15. Februar 2017)
 
stackconf 2020 | SecDevOps in der Cloud by Florian Wiethoff
stackconf 2020 | SecDevOps in der Cloud by Florian Wiethoffstackconf 2020 | SecDevOps in der Cloud by Florian Wiethoff
stackconf 2020 | SecDevOps in der Cloud by Florian Wiethoff
 
Netzwerkmonitoring.pdf
Netzwerkmonitoring.pdfNetzwerkmonitoring.pdf
Netzwerkmonitoring.pdf
 
PHP Summit 2013 - Make or Buy?
PHP Summit 2013 - Make or Buy?PHP Summit 2013 - Make or Buy?
PHP Summit 2013 - Make or Buy?
 
Tk roadschow-ipmi-pdeneu
Tk roadschow-ipmi-pdeneuTk roadschow-ipmi-pdeneu
Tk roadschow-ipmi-pdeneu
 

Mehr von OpenNebula Project

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebula Project
 
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebula Project
 
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebula Project
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebula Project
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebula Project
 
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebula Project
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebula Project
 
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebula Project
 
Replacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaReplacing vCloud with OpenNebula
Replacing vCloud with OpenNebula
OpenNebula Project
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do It
OpenNebula Project
 
OpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISP
OpenNebula Project
 
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHNTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
OpenNebula Project
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux Way
OpenNebula Project
 
NetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaNetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebula
OpenNebula Project
 
NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10
OpenNebula Project
 
Security for Private Cloud Environments
Security for Private Cloud EnvironmentsSecurity for Private Cloud Environments
Security for Private Cloud Environments
OpenNebula Project
 
DE-CIX: CloudConnectivity
DE-CIX: CloudConnectivityDE-CIX: CloudConnectivity
DE-CIX: CloudConnectivity
OpenNebula Project
 
DDC Demo
DDC DemoDDC Demo
Cloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaCloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebula
OpenNebula Project
 
OpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful CloudsOpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful Clouds
OpenNebula Project
 

Mehr von OpenNebula Project (20)

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
 
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
 
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
 
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
 
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
 
Replacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaReplacing vCloud with OpenNebula
Replacing vCloud with OpenNebula
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do It
 
OpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISP
 
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHNTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux Way
 
NetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaNetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebula
 
NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10
 
Security for Private Cloud Environments
Security for Private Cloud EnvironmentsSecurity for Private Cloud Environments
Security for Private Cloud Environments
 
DE-CIX: CloudConnectivity
DE-CIX: CloudConnectivityDE-CIX: CloudConnectivity
DE-CIX: CloudConnectivity
 
DDC Demo
DDC DemoDDC Demo
DDC Demo
 
Cloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaCloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebula
 
OpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful CloudsOpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful Clouds
 

CheckPoint R80.30 Installation on OpenNebula