Checkpoint UTM-1 Edge X Configuration Tips and Resources-优快云博客

本文详细介绍了使用Checkpoint管理服务器时，Checkpoint UTM-1 Edge设备的运维注意事项，包括防火墙规则优先级、SNMPv3不支持、远程管理端口、时间同步、SSH访问以及设备重置等关键点。

Still having some Sofaware UTM-1 Edge devices in our production environment. They are perfectly support by Checkpoint Management Server when using firmware 8.2.50

5-12-2014+3-24-53+PM.jpg?resize=640%2C379

5-12-2014+3-26-30+PM.jpg?resize=640%2C420

There is a couple of things admin needs to pay attention to:

1. Local Firewall rules take precedence on Security Management Server Policies

If you are using Security Management Server to do central management, the local rules in Edge device has to be disabled or deleted, else it will take effect before the security policies from management server.

5-12-2014+3-58-50+PM.png?resize=640%2C356

2. SNMPv3 does not support

3. Port 981 is for remote management

4. Set Time to sync with a NTP time server in the Tools of Setup menu.

Note: The switch to daylight saving time does not affect UTC. It refers to time on the zero or Greenwich meridian, which is not adjusted to reflect changes either to or from Daylight Saving Time.

5-12-2014+8-58-06+PM.png?resize=400%2C347

5. SSH to the edge device

You are able to log into Edge device through SSH. There are some other interesting things to do with SSH. You can find one post regarding CheckPoint VPN-1/UTM Edge automatic SSH login

5-12-2014+9-11-07+PM.png?resize=400%2C275

6. Reset Checkpoint Edge and SofaWare box to defaults

Please do the following:

Unplug the power cord.
Hold the reset button on the back of the box.
Plug in the power cord while holding the button until the pwr/sec led is steady red.
Leave the reset button for 3 seconds.
Press the reset button again for 10 seconds until the pwr/sec led starts blinking red.
Reconfigure your box and install certs.