VPN-1 is a firewall and VPN product developed by Check Point Software Technologies Ltd.

VPN-1 is a stateful firewall which also filters traffic by inspecting the application layer. It was the first commercially available software firewall to use stateful inspection. Later (1997), Check Point registered U.S. Patent # 5,606,668 on their security technology that, among other features, included stateful inspection.^[1] VPN-1 functionality is currently bundled within all the Check Point's perimeter security products. The product, previously known as FireWall-1, is now sold as an integrated firewall and VPN solution.

Platforms[edit]

Check Point has recently released Gaia R80.10 for gateway, and together with the management version released last year, it is a powerful combination you definitely want to get to know better! If you are already running Gaia R77.30 or earlier versions, you will find R80 a little different initially, although the features you love are there when. 8 rows  Firewall R77 Versions Administration Guide. This document is designed for on-screen. For finding out the OS version: Expert@CP# sh ver This is Check Point SecurePlatform Pro R76 Build 468 For finding out the Check Point version: Expert@CP# fw ver This is Check Point VPN-1(TM) & FireWall-1(R) R76 - Build 380 Expert@CP#.

Checkpoint Free Firewall

The VPN-1 software is installed on a separate operating system, which provides the protocol stack, file system, process scheduling and other features needed by the product. This is different from most other commercial firewall products like Cisco PIX and Juniper firewalls where the firewall software is part of a proprietary operating system.

Although traditionally sold as software only, VPN-1 is also sold in appliance form as Check Point's UTM-1 (starting 2006) and Power-1 appliances. These appliances run the SecurePlatform operating system.

As of version R70, VPN-1 supports the following operating systems:

Older Checkpoint Firewall Versions

• Windows Server 2003 and 2008;
• Red Hat Enterprise Linux (RHEL);
• Check Point SecurePlatform (a Check Point Linux distribution based on Red Hat Enterprise Linux, often called SPLAT);
• Nokia IPSO;
• Check Point Gaia (a Check Point Linux distribution, unifying IPSO and SecurePlatform into a single operating system);
• Crossbeam XOS and COS

Previous versions of Check Point firewall supported other operating systems including Solaris, HP-UX and AIX. See the table in the Version History section below for details.

VPN-1 running on the Nokia platform on IPSO is often called a Nokia Firewall as if it were a different product, but in fact it runs the same VPN-1 software as other platforms.

Upon completing the acquisition of Nokia Security Appliance Business in 2009, Checkpoint started the project named Gaia aimed at merging two different operating systems—SecurePlatform and IPSO—into one. This new OS is positioned to finally replace both existing operating systems at some point in the future.^[2]On April 17, 2012 Check Point announced the general availability of the Gaia operating system as part of the R75.40 release.

Features[edit]

While started as pure firewall and vpn only product, later more features were added. And while they are licensed separately, they have since began to be bundled in default installations of the VPN-1 as well.

SmartDefense (IPS) This feature adds to the built-in stateful inspection and inherent TCP/IP protocols checks andnormalization inspection of most common application protocols. Starting NGX R70 this feature has been rebranded as IPS.
Quality of service (Floodgate-1) Checkpoint implementation of the Quality of service (QOS). It supportsbandwidth guaranteeing or limiting per QOS rule or per connection. Also the priority queuing can be done (LLQ). Nevertheless,RFC based QOS implementation, be it Differentiated services or Ip precedence, are not supported
Content Inspection Starting with NGX R65 this new feature has been introduced providing 2 services:

• Antivirus scanning - scanning of the passing traffic for viruses
• Web filtering - limiting access of internal to the firewall hosts to the Web resources using explicit URL specification or category rating.

See also[edit]

References[edit]

1. ^'Check point software technologies Ltd. awarded patent for stateful inspection technology' (Press release). Check Point Software Technologies Ltd. 1997-03-17. Archived from the original on 2008-07-04. Retrieved 2009-04-01.
2. ^Gaia project

External links[edit]

• www.checkpoint.com — Check Point Software Technologies web site
• www.fw-1.de — information about VPN-1

On Check Point firewall's command line, how can I find its version?
Major version, minor version and optionally build number.

1 Answer

Note: all the commands available on clish (default CLI shell) shell, Gaia OS.

The most basic command is:

Example output:

Product version Check Point Gaia R75.45
OS build 123
OS kernel version 2.6.18-92cp
OS edition 32-bit

Other relevant commands from Check Point CLI reference guide:

Security Gateway Version
Display the Security Gateway major and minor version number and build number:

VPN Version
Display the VPN major version number and build number.

Products and the Operating System
Obtain details of the products and the operating system installed on the specified Check Point Security Gateway, and to update the database.

Example:

cprinstall get gw1
Checking cprid connection...
Verified
Operation completed successfully
Updating machine information...
Update successfully completed
'Get Gateway Data' completed successfully

Operating system Major Version Minor Version
SecurePlatform R75.20 R75.20

Vendor Product Major Version Minor Version
Check Point VPN-1 Power/UTM R75.20 R75.20
Check Point SecurePlatform R75.20 R75.20
Check Point SmartPortal R75.20 R75.20

[On SmartCenter] Management Server Version

Not the answer you're looking for? Browse other questions tagged firewallcheckpoint or ask your own question.