Executive Summary Expanding Internet technologies have redefined corporate approaches to internetworking and network security. The Internet has become the new forum for business communications and international commerce. Organizations require an innovative solution that integrates all aspects of network security, connectivity, and management. Check Point Software Technologies Ltd. meets this challenge with FireWall-1, the industry’s leading network security solution. FireWall-1 enables enterprises to define and enforce a single, comprehensive Security Policy while providing full, transparent connectivity. Utilizing Check Point’s patented Stateful Inspection Technology and Open Platform for Secure Enterprise Connectivity (OPSECTM), FireWall-1 integrates and centrally manages all aspects of network security. An integrated product suite extends FireWall-1’s capabilities to all levels of security and management. This document describes the unique features of Check Point FireWall-1. A simple step- by-step procedure demonstrates how to build a FireWall-1 Rule Base and install a Security Policy for a simple network configuration. In This Document: FireWall-1 Technology and Architecture Stateful Inspection Technology Check Point’s patented Stateful Inspection Technology assures the highest level of network security and performance. A powerful Inspection Module examines every packet passing through key locations in your network (Internet gateway, servers, workstations, routers, or switches), promptly blocking all unwanted communication attempts. Packets do not enter the network unless they comply with the enterprise Security Policy. FireWall-1 Inspection Module The FireWall-1 Inspection Module is located in the operating system kernel, below the network layer, at the lowest software level. The Inspection Module analyzes all packets before they reach the gateway operating systems. Packets are not processed by any of the higher protocol layers unless FireWall-1 verifies that they comply with the enterprise Security Policy. The Inspection Module examines communications from any IP protocol or application, including “stateless” protocols, such as UDP and RPC. FireWall-1 4.0 Technical Overview