cisco security conversion tool (sct) check point ™ to cisco conversion tool
DESCRIPTION
Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool. Cisco Security Conversion Tool (SCT) Overview. Tool to convert a Check Point configuration to a Cisco ASA/PIX/FWSM configuration. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/1.jpg)
1© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Cisco Security Conversion Tool (SCT)
Check Point™ to Cisco Conversion Tool
![Page 2: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/2.jpg)
222© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Cisco Security Conversion Tool (SCT) Overview
• Tool to convert a Check Point configuration to a Cisco ASA/PIX/FWSM configuration.
• Creates a Cisco device configuration that can be managed with CLI, PDM, ASDM or Cisco Security Manager.
• Provides an option to optimize the ACL rule table when used in Cisco Security Manager or ASDM 5.2 or higher.
• Make the tool available at no cost to customers, Cisco SE’s, Advanced Services, and Cisco Security Partners.
Note: The output from this tool should be manually reviewed to verify the accuracy and completeness of the conversion.
![Page 3: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/3.jpg)
333© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
SCT Benefits
• Reduced time to convert from Check Point to Cisco firewalls.
• Increased accuracy in the conversion from Check Point to Cisco firewalls.
• Allows you to use Cisco TAC for questions/support on their new Cisco firewalls.
• Optimized option to convert from Check Point to the new Cisco Security Manager.
• Increased traceability since inline comments are created to indicate which Check Point commands correlate to which Cisco commands.
• Automated report that summarizes the conversion process.
![Page 4: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/4.jpg)
444© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Note
• Several assumptions are made during the conversion process since Check Point and Cisco firewalls are managed differently. A user, Cisco Advanced Services or a partner should manually review and verify the output from Cisco SCT.
![Page 5: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/5.jpg)
555© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
System Requirements
• Runs on Windows XP and 2000 platforms.
• Converts from Check Point 4.x, NG and NGX Firewalls.
• Converts to an ASA/PIX 7.x and FWSM 2.x or 3.x
![Page 6: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/6.jpg)
666© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
What is Required for the Conversion?
• objects.C (Check Point 4.x) or objects_5_0.C (Check Point NG) – contains the objects definition
• <rule>.W – contains the firewall policy information
• (optional) rulebases_5_0.fws– contains the comments information
• Route and interface information from Check Point
![Page 7: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/7.jpg)
777© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
What Will Be Converted?
• Access rules (security policies)
• Network objects and network object groups
• Service objects and service object groups
• NAT rules
• Static routes
• Interface-related configuration
![Page 8: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/8.jpg)
888© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Cisco SCT Output
• Corresponding ASA, PIX, or FWSM CLI configuration.
• Summary of what was converted.
• Conversion report indicating any errors or warnings during the conversion.
• Detailed HTML report with hyperlinks from the CLI conversion to the original Check Point policy.
![Page 9: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/9.jpg)
999© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Getting Started with Cisco SCT
• Download SCT
• Install SCT
• Launch SCT
• Run demo orselect files
![Page 10: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/10.jpg)
101010© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Getting Started with Cisco SCT
• Specify target platform and various options
![Page 11: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/11.jpg)
111111© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Getting Started with Cisco SCT
• Review and edit interface information
![Page 12: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/12.jpg)
121212© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Getting Started with Cisco SCT
• View conversion status and statistics
![Page 13: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/13.jpg)
131313© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Conversion Report
![Page 14: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/14.jpg)
141414© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Cisco Device Configuration
![Page 15: Cisco Security Conversion Tool (SCT) Check Point ™ to Cisco Conversion Tool](https://reader033.vdocument.in/reader033/viewer/2022061617/56814fc3550346895dbd8137/html5/thumbnails/15.jpg)
151515© 2006 Cisco Systems, Inc. All rights reserved.Cisco Channel Confidential
Additional Cisco SCT Resources
• Download Site (requires a CCO user ID): http://www.cisco.com/cgi-bin/tablebuild.pl/sct
• Technical Support:[email protected]
• Report your success and give us feedback! [email protected]