I have a customer running Checkpoint NGx R60 firewall
on a pair of Nokia IP2260. The management server is
a RedLinux 3 ES. I've provided this customer over
the year with tech. support. This firewall has 20
interfaces and about 1000 rules with over 30000 objects.
we are also running OSPF and BGP on the Nokia. There
are 45 site-2-site VPNs on the firewalls with double
NAT between this site and customers' site.
I use comercial tools and freeware to monitor the
firewall security. In other words, if someone
push policy to the firewall, I get alerts. The
security policy is can also be exported in XML or
HTML so that it can be viewed.
Now the customer wants to migrate to a pair of
ASA 5540 platform. I am looking for a tool that
can convert checkpoint rules to Pix rule.
Anyone know if there is such a tool out there
that can do the job? I can imagine the ASA
configuration will be at least 800,000 lines
of configuration. Can the ASA hand the configuration file