All multiuser computer systems have some form of login identification (or username) and some sort of password. This has been the basis for authentication on computers since multiuser computer systems came into existence. All authentication mechanisms in FireWall-1 rely on some sort of username and password, the credentials by which a user proves to the firewall who he or she is. Before proceeding, let's briefly discuss passwords.

To date, the vast majority of authentication is done with a static password. Most users, when left to their own devices, choose very simple passwords that are easy to guess. Even if a complicated password is chosen, the password, as it is being typed, can easily be picked off the wire with a packet sniffer. ...

Get Essential Check Point™ FireWall-1® NG: An Installation, Configuration, and Troubleshooting Guide now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.