FWZ, IPSec, and IKE

Previous versions of FireWall-1 supported a variety of key-management schemes. In NG, the only supported scheme is IKE. FireWall-1 NG FP1 and earlier also support the FWZ scheme, which Check Point deprecated in NG FP2. I briefly describe FWZ here mostly for historical reasons—its use is not described in this book.

FWZ

FWZ is Check Point's proprietary key-management system and has been available since Check Point made VPN technology part of FireWall-1 in version 2.0. FWZ incorporates the following:

  • A CA (a FireWall-1 management console)

  • Asymmetric encryption for the exchange of CA, DH, and per-session encryption keys

  • Symmetric encryption for actual data encryption using FWZ1, a proprietary Check Point algorithm that encrypts ...
