Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Image not available

Tell the Publisher!
Id like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Essential Checkpoint Firewall 1: An Installation, Configuration and Trouble Shooting Guide [Paperback]

Dameon D. Welch-Abernathy
5.0 out of 5 stars  See all reviews (3 customer reviews)

Available from these sellers.

Book Description

23 Oct 2001
Check Point Firewall-1aA A is the world's leading firewall - but it's extremely difficult to find in-depth, independent guidance on using it effectively. In this book, the maintainer of the world's leading Firewall-1aA A FAQ brings together comprehensive, expert guidance on every aspect of working with Firewall-1aA A : planning, configuration, deployment, administration, tuning, and troubleshooting. In this book, Daemon Welch draws upon his extensive hands-on experience in teaching and implementing Firewall-1aA A in a wide variety of corporate environments. He begins with a practical overview of firewall security, and what a firewall can and can't do. Welch covers planning your Firewall-1aA A installation, building your "rulebase," configuring Firewall-1, logging and alerting, remote management, authentication and passwords, content security, network address translation (NAT), encryption, high availability, performance tuning, and much more. The book contains detailed coverage of VPNs, including client-to-firewall VPNs, the VPN-1 SecuRemote Secure Virtual Network Architecture, secure clients, and VPN troubleshooting.Along the way, Welch provides practical rules and checklists that can't be found anywhere else. For all computer security specialists, network/Web professionals, and system administrators, and for super-power users responsible for protecting computer systems against intrusion.

Customers Who Viewed This Item Also Viewed

Product details

  • Paperback: 544 pages
  • Publisher: Addison Wesley; 1 edition (23 Oct 2001)
  • Language: English
  • ISBN-10: 0201699508
  • ISBN-13: 978-0201699500
  • Product Dimensions: 23.4 x 18.8 x 2.6 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (3 customer reviews)
  • Amazon Bestsellers Rank: 1,116,235 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

Amazon Review

Firewall-1 is a complex product which makes the approach taken by Essential Check Point Firewall-1 particularly welcome. Basically, the author presents a series of heavily annotated pictorial mini-tutorials which take you from installation, through configuration, management and on to troubleshooting.

Each tutorial covers a specific feature, shows you how to access it within Firewall-1, what the options mean, which you can ignore under certain conditions and sensible default settings. In practice, the author goes much further, detailing the effects various settings have with and without other software, services and even product licences.

The author's advice on how to develop rule sets is welcome, nearly as much so as the detailed discussions on implementing them, which requires a reasonable understanding of how the rules will affect the user experience along with the network's security. Perhaps the most apposite section, though, covers the many supported authentication methods in Firewall-1. This is as thorough as the section on arranging secure external access to the firewall management software for sysadmins.

All in all, Essential Check Point Firewall-1 is a remarkably accessible book for anyone who has to administer Check Point's bestselling firewall solution. This is highly recommended. --Steve Patient

From the Author

This book covers the essentials of Check Point FireWall-1, thus the title. Each chapter discusses a major feature of the product or a specific topic that will help you to plan for your FireWall-1 installation. You get step-by-step configuration instructions for many features in FireWall-1 complete with screen shots and several sample configurations that you can try. The book also includes lots of information from my FireWall-1 FAQs.

What makes me uniquely qualified to write this book? I've been helping people to use this product since 1996 from version 2.0 onward. I've also done numerous customer installations and taught the Check Point certification classes. I continually contribute to the FireWall-1 community through my website and moderated mailing list, FireWall-1 Wizards.

My hope is that all FireWall-1 administrators find this book a useful tool and will learn something about FireWall-1 they didn't know before.

-- Dameon D. Welch-Abernathy, a.k.a. "PhoneBoy"

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

4 star
3 star
2 star
1 star
5.0 out of 5 stars
5.0 out of 5 stars
Most Helpful Customer Reviews
8 of 8 people found the following review helpful
5.0 out of 5 stars Deserves more than five stars! 24 Jan 2002
By A Customer
Format:Paperback|Verified Purchase
500 pages of pure class. Mr Welch clearly knows his subject and has managed to pack an enormous amount of information into what is a seriously easy-to-read book. The book's coverage spans installation, planning, rulebase design and troubleshooting, plus some more technical info in the appendices. All the Firewall-1 jobs I was wary of starting have now been trivialised into neat example scenarios, all in the same project-document type format. An example of how much thought has gone into this book can be seen under each screen-shot figure...e.g. "Figure 7-49 Policy Properties, Security Servers tab, HTTP Servers". No more trying to read the nearby text to find out how to make the dialog box appear.
This book is clearly meant to be used, and it will be on a daily basis!
Do you know anything about MAILsweeper, Dameon?
Comment | 
Was this review helpful to you?
6 of 6 people found the following review helpful
5.0 out of 5 stars Impressive - very impresive 10 Nov 2001
Format:Paperback|Verified Purchase
I've been visiting the phoneboy website for ages now, and to see the distilled wisdom of that site presented here in clear plain text is great.
In my view the secitons on the HTTP security server, stateful inspection of ICMP and the rules for LDAP are worth the cover price anyway.
Comment | 
Was this review helpful to you?
3 of 3 people found the following review helpful
5.0 out of 5 stars An excellent hands-on guide to FW-1 5 Dec 2001
FW-1 is quirky product to work with (a strange mixture of GUI and command-line). This book provides a superb guide for installing and managing FW-1. Based on the Phoneboy enthusiast site, it gives coverage of the key issues and pitfalls to consider. The example configurations were extremely useful in helping me understand how to configure the Firewall. Of particular interest was the section on hardening your OS (NT or Solaris), prior to installing FW-1.
I certainly found the book a lot more honest and useful than the official Check Point CCSA/CCSE student guides.
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.9 out of 5 stars  19 reviews
12 of 12 people found the following review helpful
5.0 out of 5 stars Best CheckPoint FW-1 Book Ever!!!!!!!!!!!!!!! 28 Nov 2001
By Joseph G. McGean - Published on Amazon.com
Mr. Welch, aka "PhoneBoy", moves from strength to strength, with this book. If you are new to CheckPoint FW-1: buy this book. If you currently use CheckPoint FW-1: buy this book. "PhoneBoy", did not just write, this book, he has been writing this book -- through his massive FW-1 FAQ -- for some time. Hence, the quality of this work is beyond that of a mere 'book' in the common sense and traditional view.
Dameon really shows his experience, and cuts right to the heart of _all_ the critical issues covered. Most 'computer' books (besides TCP/IP Illustrated (1,2&3) , O'Really Unix & a few Worx Press books) are total lame, marketing-slick filled tripe; as we all know that's why we have jobs ;)
Most Tech books are made by Cor(e)Pirate losers who listen to some wanker pitch lame re-Hashes of the already subpar vendor docs (& Web site slicks). This book, on the other hand, is a high quality Tome, guaranteed to be an overnight `classic', in the feild. Visit, the Web site of the Master, his nickname .com, or that of the publisher AW to get a .PDF version of Chap 9, this is the VPN Chap and, as stated in a review here, one of the strongest Chaps in the book. Actually, all the chapters are strong, it's just that VPNs within the CheckPoint context are very important, and can be complex. If manuals are fine, its time to Read This new Fine Manual for CheckPoint FW-1.
With this book and a copy of the FW-1 GUI run *local, you could pass the CCSA and CCSE: without ever actually touching a real CheckPoint FW-1 install.
CheckPoint should ship this with every firewall they sell, that's how good this book is!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
10 of 10 people found the following review helpful
5.0 out of 5 stars Hands down the best book on FW-1 available 16 Jun 2002
By Ben Rothke - Published on Amazon.com
Checkpoint FireWall-1 has become one of the top firewall software products in the industry. There are many reasons for its predominance. It was the first commercial
firewall on the market, but more importantly, the FireWall-1 GUI and its ease of use impressed corporate CIO's.
Although FireWall-1 is easy to use, some users face difficulty in configuring the product correctly and appropriately. In fact, one of the biggest dangers of a firewall is that it can
provide a false sense of security; if not properly configured, a firewall may have so many holes that it actually functions as nothing more than a router. Firewall expert Marcus
Ranum notes that, "...eventually, if enough data is going back and forth through your firewall, it is no longer a firewall -- it is a router."
Many times, firewall administrators are hired not because of their expertise in information security, but because they know network and systems administration quite
well. Many FireWall-1 administrators start with zero experience and knowledge. This is good from a job security and training perspective, but terrible from a security perspective.
Despite the proliferation and ubiquitous nature of FireWall-1 over the past decade, it is only in the last few months that any worthwhile books on FireWall-1 have become
available. One of the best is Essential Checkpoint Firewall-1: An Installation, Configuration, and Troubleshooting Guide by Dameon Welch-Abernathy. Welch-
Abernathy maintains a Web site, ..., which contains information on anything and everything related to FireWall-1. In fact, many FireWall-1 administrators have
... bookmarked as their prime site for FireWall-1 information, even before the Check Point support site.
Although the documentation that comes with FireWall-1 is quite good, Essential Checkpoint Firewall-1 often surpasses it. This is what makes Welch-Abernathy known as
the man for FireWall-1. Even Nir Zuk, who was a principal engineer at Check Point, stated that Welch-Abernathy's knowledge of FireWall-1 in many cases surpassed the
knowledge of Check Point's own engineers.
As its title implies, the book covers the installation, configuration, and troubleshooting of FireWall-1. Whereas the product itself is pretty straightforward to install (except for the
software license information), the real challenge is in the post- installation arena. The book has 14 chapters and, by Chapter 3 (page 34), the book is already into FireWall-
1. Other books often include up to 100 pages of filler on topics such as computer secrity, cryptography, threats, etc., and don't get to the main subject until half way through the
book. Chapter 4 of this book provides a thorough overview of how to build a rulebase. The chapter describes the various fields and objects that need to be created for the
firewall to be effective. Although the simplicity of the Check Point GUI is obvious, the definition of names, network objects, and so forth, must be carefully planned -- especially
for rollouts of FireWall-1 in large enterprise environments.
Chapter 8 provides an excellent overview of content security. FireWall-1 is built on its patented Stateful Inspection capabilities, but it has other security facilities including CVP
(Content Vectoring Protocol), UFP (URL Filtering Protocol), and others. The chapter describes much of the secondary content protection capabilities of FireWall-1. Such
capabilities are crucial in light of the volume of information that passes through corporate firewalls (including streaming media, email, files, Java, etc.).
Essential Checkpoint Firewall-1 covers all the crucial topics that any FireWall-1 administrator needs to know. From authentication, VPN, logging, high availability, and
more, it is all there. This is what makes Essential Checkpoint Firewall-1 the book of choice for FireWall-1.
8 of 8 people found the following review helpful
5.0 out of 5 stars Lives up to its title! 21 April 2002
By Mike Tarrani - Published on Amazon.com
This is one of those rare books that delivers what the title claims. It gives in-depth instructions on Firewall-1 installation, configuration and troubleshooting, and also includes additional material on security and networking that goes beyond what the title promises.
What I especially liked about this book are the little details that have a big impact if they're overlooked. Notable examples include:
(1) Quick, but thorough, introduction that provides an overview of firewalls at a general level, and the key features and benefits of Firewall-1 in particular.
(2) Issues, such the need for a security policy, are addressed early on. This is an important consideration and the author goes beyond merely highlighting the need by giving you a brief template to use in creating one.
(3) Guide through the labyrinth of Check Point's Firewall-1 licensing schemes - this is a nice touch because mastering the technology is a less daunting task then figuring out Check Point's sales strategy.
(4) Strengths and weaknesses of candidate operating systems, and a straightforward process for installing and configuring Firewall-1. The latter is a strong point because you'll benefit from the author's extensive experience and will save time by having a strategy instead of getting bit by obscure issues and learning painful lessons.
I like the way that each section ends with frequently asked questions. The author anticipates and answers common questions about installation, configuration and troubleshooting. Because of the way this book is structured it can serve as an off-the-shelf implementation and maintenance guide, eliminating the need to develop this material in-house.
This is one of the best written and well thought-out technical guides that I've had the pleasure of reading. It sets a high standard for similar books, but more importantly, it so completely covers Firewall-1 that you won't need anything but this book to implement and support this product.
8 of 8 people found the following review helpful
5.0 out of 5 stars This book is ESSENTIAL for FW-1 administrators 12 Nov 2001
By An Appliance & Healthfood Junkie - Published on Amazon.com
Format:Paperback|Verified Purchase
This is the single best resource I have ever read on the subject of Checkpoint FireWall-1. The chapters on VPNs and NAT alone are worth the price of the book. Dameon Welch has done the firewall admin community a huge service through his website, [...], and now through this book. You simply cannot find a lot of the information contained in this book anywhere else - everything is covered, from planning and installation through content security, VPNs, SecuRemote and Client and high availability. Not only does he cover the hows and whys, there is an extensive amount of troubleshooting at the end of every topic. I really can't recommend this book enough!
3 of 3 people found the following review helpful
5.0 out of 5 stars Phoneboy's best FAQ yet 11 Nov 2001
By Timothy C. Tyler - Published on Amazon.com
Phoneboy hits a home run with this solution-filled engineer's guide to the Check Point FireWall-1 software package.
This is the book that the industry has been begging for as it fills in the gaps that everyone who uses FireWall-1 need to know about.
As a Certified Check Point Instructor, I recommend this book to all of my students who attend any of my classes, as this book gets down deeper than any other book on FireWall-1 to-date.
Highly recommended and easy to read. Novice and expert alike will learn more than he or she knows what to do with.
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category