Ash,
1. It will tell you where the log came from and
on which interface the fw modules saw it.
2. This isn't a question. But if I read it as one,
yes the management station can install the same
or different rulebases onto the fw modules.
You can specify in the individual rule, which
fw object is to receive the rule, or you can
have many rulesbases and only apply them
to the fw objects you want.
3. You don't push licenses, you install them when
you build the system (fw putlic).
4. Since I don't have Floodgate, I'll defer this to those
who do. In the meantime, I'll go read some FG
propaganda on CP site...
hth,
Robert
>>> "Ash's Yahoo" <[EMAIL PROTECTED]> 2/17/00 12:05:05 PM >>>
>Hi,
> 1. Logging options is now clear ,but how will be we able to distinguish
>the logs of different FW modules.
> 2. As per my understanding , a single policy will be pushed by management
>console to all FW Modules ?
> 3. How the licenses will work ? Would I be able to push licenses from
>Management Consoles ?
> 4. IF one remote location has Floodgate and the locationd where Management
>Console is there and the other location does not have Floodgate ,Will it
>Work ?(Precisely the licenses)
>I know I am asking for too much but I am sure for FW Gurus these are just
>small queries from a new Friend.
>
>Regds,
>Ash
>
>----- Original Message -----
>From: Robert MacDonald <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>Sent: Friday, August 11, 2000 2:08 PM
>Subject: Re: [FW1] Query-urgent
>
>Ash,
>
>1. On the fw modules.
>2a. It could choke the line, depending on how
>much logging is going on.
>2b. Yes. You may place as many entries in the
>$FWDIR/conf/loggers file, which specify the IP
>addresses of each management station to receive
>log entries. If this file is empty, then it will default to
>system that the modules in running on(itself).
>
>The system will sequentially try each entry until it
>connects. If you preceed the entry with a '+', then
>it will direct log entries to all of these systems. It
>will direct to all '+' systems if it can connect. If
>it can't it will try each of the non '+' systems
>until it succeeds.
>
>3. Yes, to the best of my knowledge.
>
>hth,
>Robert
>
>- -
>Robert P. MacDonald, Network Engineer
>e-Business Infrastructure
>G o r d o n F o o d S e r v i c e
>Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>
>>>> "Ash's Yahoo" <[EMAIL PROTECTED]> 2/11/00 4:50:05 AM >>>
>>Hello Gurus,
>> We have got 3 offices and are planning to establish a VPN between
>them.The 2 locations will have
>>FW Module and the headoffice will have FW Module + Management Console.
>>Now, the issue
>> 1.Where will the logs will be generated ?
>> 2. If it is in the HO only where the management Console then it will choke
>the HO bandwidth ,Is there is
>>any way that the logs of respective FW Modules be placed at their
>respective ends only ?
>>3. Since HO is the largest network ,we are planning to have Bandwidth
>Management (FLOODGATE ) for
>>that also there. Is it possible to have Floodgate at HO and not on the
>Other 2 locations and manage
>>everthing with the Single management console.
>>(OfCourse it will do the bandwidth management for HO only).
>>
>>Hope to get too many solutions and suggestions.
>>
>>
>>Cheers,
>>Ash
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
