Problem solve Get help with specific problems with your technologies, process and projects.

Vulnerabilities in Checkpoint firewall

My security vendor is charging me a lot of money to fully manage my firewall. The firewall is running Checkpoint FW-1 version 3.0b. The OS is Solaris 2.6. Does this version have any known vulnerabilities? Is it the newest and most secure version available?

Solaris 2.6 does have known vulnerabilities, but there are also patches available for most, if not all, of them. You should visit SunSolve Online, where you can do a search for security bulletins referencing Solaris 2.6. I found 42 documents when I did that search.

Checkpoint FW-1 is now on version 4.1. Version 3.0 is no longer supported by Checkpoint. There are known vulnerabilities with FW-1, as well. As with Solaris, most -- if not all -- the known vulnerabilities with FW-1 have patches available from Checkpoint.

I would recommend asking your security vendor why your firewall has not been updated to the latest versions. Perhaps they have a good reason. Perhaps your maintenance agreement with Checkpoint has expired.

Managing a firewall is not a trivial task, which is why there are security vendors that provide managed service. However, you should be able to ask them what they are doing and why. If you can't trust your vendor to do the job correctly, perhaps you need to find a different vendor.

This was last published in March 2001

Dig Deeper on Application firewall security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.