Enable RADIUS Authentication for SSH and WEBGui access to the Checkpoint firewall


User actions accountability is one of the building blocks of Non-repudiation in Security. In Checkpoint , nevertheless, the default (and widely used) user authentication for SSH and WEBGui sessions is local. Actually Checkpoint thought about that long ago and have been offering Radius authentication for users accessing the SecurePlatform and Gaia via SSH or Webgui for quite long time. I'll put the discussion why they did it as a separately priced feature aside.

But if you have SecurePlatform Pro license for NGX R65 or earlier or Advanced Networking Blade for R70 or later then you can use it once Pro features are enabled on the SPLAT. To help you configuring this I recorded this video , so be secure and enjoy.

PS As always feedback is welcome here as well as to the email yuri@yurisk.info. Direct link to Vimeo

http://vimeo.com/27166040