SNORT (snortsam) integration with Checkpoint NGX R65

["Chiesa Stefano" <Stefano.Chiesa () wki it>]

Hello all.
Now I have a snort (snort, pulledpork, barnyard2, snorby) installation
working and I'd like to start thinking about CP integration.

I know, Sourcefire has been bought by CP years ago and probably their
new IDS is based on snort code...
The forums.snort.org does not work any more (Error 500)... On the
Checkpoint support site nothing at all...

Can someone suggest me a whitepaper, a procedure or something to help me
in the integration?

I also read somewhere that snort could send a RST packet to source and
destination to drop a connection as alternative to fw ip blocking.
Anyone can clarify this point?

Thanks to all in advance.

Stefano.

----------------------------------------
Stefano Chiesa
Wolters Kluwer Italia
Strada 1, Palazzo F6
20090 Milanofiori Assago (Mi) - Italia
Phone +39 0282476279 (20279 Voip)
Fax +39 0282476815


 

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!