It has come to our attention that the Check Point Connectra unified remote access solution has a security option to send a token via SMS as part of the remote user authentication process.
To facilitate this option, the Check Point Connectra Gateway would be configured to transmit the token via an SMS service provider. While SSL/TLS is available to secure the transmission to the SMS service provider, some end users may not have full confidence in the security mechanisms at the SMS service provider.
An alternative SMS solution is to use the Now SMS & MMS Gateway product (or the entry level NowSMS Lite product) in conjunction with a GSM modem.
The NowSMS server and GSM modem can be installed within the customer network, with appropriate firewall and access controls.
For sending SMS messages, the Check Point Connectra Gateway is configured with an HTTP URL to connect over the local network to the NowSMS server. This HTTP connection is performed each time an SMS message needs to be sent.
The NowSMS server requires a GSM modem with an active SIM card subscription to a mobile operator. To the mobile operator, the GSM modem looks like any other mobile phone. The NowSMS server is able to exchange SMS messages with other mobile phones through the GSM modem.
The configuration of the SMS service provider in the Check Point Connectra Gateway requires the following information:
SMS provider URL – For connecting to a NowSMS Server, we recommend the following setting: http://ip.addr:port/?unused=$APIID&user=$USERNAME&password=$PASSWORD&PhoneNumber=$PHONE&text=$MESSAGE
ip.addr would be the IP address of your NowSMS server installation.
port is the “Port Number for the web interface” configured in NowSMS, which defaults to 8800.
Username – This refers to the “User Name” of a user account created on the NowSMS Server under the “SMS Users” page.
Password – This refers to the “Password” of a user account created on the NowSMS Server.
API ID – This parameter is not relevant to NowSMS can be set as blank, or with the text “unused”.
Once these parameters have been properly configured, whenever the Check Point Connectra Gateway needs to send an SMS message, it will connect to the NowSMS server using HTTP, and the SMS message will be transmitted using whatever type of SMSC connection has been configured in NowSMS.