cparch

Overview of Check Point Architecture and Configuration

Integrate OfficeScan installations with Check Point™ SecureClient™ using Secure Configuration Verification (SCV) within the Open Platform for Security (OPSEC) framework. Refer to the Check Point SecureClient OPSEC documentation before reading this section. Documentation for OPSEC can be found at:

http://www.opsec.com

Check Point SecureClient has the capability to confirm the security configuration of computers connected to the network using Secure Configuration Verification (SCV) checks. SCV checks are a set of conditions that define a securely configured client system. Third-party software can communicate the value of these conditions to Check Point SecureClient. Check Point SecureClient then compares these conditions with conditions in the SCV file to determine if the client is considered secure.

SCV checks are regularly performed to ensure that only securely configured systems are allowed to connect to the network.

SecureClient uses Policy Servers to propagate SCV checks to all clients registered with the system. The administrator sets the SCV checks on the Policy Servers using the SCV Editor.

The SCV Editor is a tool provided by Check Point that allows you to modify SCV files for propagation to client installation. To run the SCV Editor, locate and run the file SCVeditor.exe on the Policy Server. In the SCV Editor, open the file local.scv in the folder C:\FW1\NG\Conf (replace C:\FW1 with the installation path for the Check Point firewall if different from the default).

For specific instructions on opening and modifying an SCV file with the SCV Editor, see Check Point for OfficeScan Configuration.