Skip navigation
All Places > About CheckMates > Blog
1 2 3 Previous Next

About CheckMates

78 posts

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

Let us know if you want to have it in your native language as well.

 

CheckMates in the OH!

Moti Sagey, #FlatMoti, and I did an event in Cleveland:

 

Moti then went to St. Louis for a local CPX event:

 

Meanwhile, I drove down to Columbus and did another CheckMates event:

 

Community Highlights

Meanwhile, the  portion of the community continues to roll along!

Here are the top threads and content for the past week:

 

IPS Ease of Use in R80.20 TechTalk 

Want to get a sneak peak of how we're improving IPS in R80.20? Check this TechTalk out! You can also watch recordings of our past TechTalks as well!

 

R80.20 – Integrating Google Cloud Account 

Another "How To..... " Videos by Yair Herling showing you how to integrate with Google Cloud Platform.

 

Security Gateway Packet Flow and Acceleration - with Diagrams 

Different visual takes on how traffic is processed by the Security Gateway, depending on what features are used.

 

postman_collection R80.20.M1 

Postman is a way to see how our API works, and we now have an updated Postman Collection for R80.20.M1 (which does have some API changes).

 

IPS Geo-Policy Whitelist by Domain Name 

Not currently supported, but it's coming and there's a workaround in the meantime.

 

How to use Identity Awareness Tags in R80.20.M1 

Requires R80.10 and above gateways.

 

SIC issue 

Tricky issue the community was able to isolate and fix

 

IPS Bypass 

How does this work? This thread explains it.

 

Eventia Log Parsing & R80.20 (M1) 

If you're ingesting syslogs into your SmartEvent, the following (updated) parser might be useful.

 

Check Point Security gateway freezes, crashes, or reboots randomly, core dump files are not created 

Someone's annotated experience with troubleshooting these issues with sk31511

 

How are you using the SandBlast API? 

Did you realize we have an API for SandBlast? How are you using it? 

 

fw ctl zdebug - yea or nay? 

Do you use fw ctl zdebug? Chime in!

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language? Sure!

Do not forget that while most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

Let us know if you want to have it in your native language as well.

Community Highlights

While Dameon and flatmoti enjoy their vacation, 

we are having a very busy week here at checkmates:

 

R80.x Security Gateway Architecture (Logical Packet Flow) 

Heiko Ankenbrand endlessly continues perfecting his popular article.

There is also a spin-out discussion:

 

How does the Medium Path (PXL) and Content Inspection work with R80 

were we deepen our understanding of Medium Path and related technological solutions. The newest painting by Heiko Ankenbrand definitely helps:

 

 

Security Gateway Packet Flow and Acceleration - with Diagrams 

That is yet another attempt to put packet flows on a chart or two. This one is based on official Check Point GW architecture diagrams. FW path, Medium and Accelerated Paths are presented separately, for better clarity.

 

 How to use Identity Awareness Tags in R80.20.M1 

Tomer Sole explains the new Identity tagging feature available with R80.20.M1 release

 

R80.10 Upgrade Guide and Best Practices - Slideshow 

This is another Tomer's hit (members only, sorry folks, you need to register to get here)

 

Block specific File extention 

we learn that R80.10 is needed for that.

 

Build Azure CloudGuard using Terraform

the title says it all

 

Checkpoint r77.30 cluster migration from hardware to VM 

We are discussing the most gracious ways to move a cluster into new environment.

 

Check Point Lightboard Series - SandBlast Mobile Architecture 

Must seen video about SandBlast Mobile

 

Oldie but goldie:

Danny Jung's document  is almost one year old yet still steering interesting discussion in the comments: Common Check Point Commands (ccc) 

Another classic diagram R80.x Ports Used for Communication by Various Check Point Modules is still getting lots of hits

 

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in local language!

 

Community Highlights

Here's some threads to have a look at from the last week or so:

 

My Top 3 Check Point CLI commands 

This thread is more than a year old at this point and it is by far our most viewed and contributed to thread on CheckMates to date!

 

Lightboard Series - Understanding the Shared Responsibility Model 

Another "How To..... " Videos from Yair Herling about 

 

NATs Issue 

Some basics on Network Address Translation covered in this thread.

 

Legacy DHCP 

If you're upgrading to R80.10 and using Legacy DHCP services, check this thread.

 

Questions around API and Monitoring 

The answer is a run-script API call, but you have to read the output. Or use SNMP.

 

 

Packet Mode, a new way of searching through your security policy in R80.10 

It's available via the API but it works a little differently than through SmartConsole.

 

Restart SMB WebUI process (HTTPD) 

More specifically this is about restarting the UserCheck portal, which works the same as it does on a regular Security Gateway.

 

CloudGuard SaaS GA, prerequisites and minimum quantities

CloudGuard SaaS is launching soon and now has it's own space on CheckMates!

 

ICMP-Proto added to Anonymizer 

This issues has been resolved in the latest App Control signatures. Make sure you update and install policy!

 

cpug.org or CheckMates? 

A bit of history of the two sites here.

Upcoming Events

@

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Vancouver and Jackson

Valeri Loukine and I hit the road this week and did events in Vancouver, BC and Jackson, MS!

 

 

 

Community Highlights

Here's some threads to have a look at from the last week or so:

 

How-to Videos:

Last week, Yair Herling created a video about the High Availability Architecture with R80.10. You asked for one with a focus on multi-domain, Yair delivers! R80.10 High Availability in Multi Domain Environments 

We also have videos on Combining AD identity with AWS tags in Check Point CloudGuard Policy  and Step by Step deployment of automated, multi hub Transit VPC from Jonathan Lebowitsch!

 

SandBlast Mobile 3.0

This past week, we released SandBlast Mobile 3.0, which adds quite a lot of new features and functionality. We've got descriptions of the functionality and how to enable it on CheckMates:

 

Want to join R80.20 EA activities? 

We are actively looking for customers to join the R80.20 Early Availability program, specifically the private EA. Check the details here!

 

Emerging Technologies Training and Certification Materials 

Yes, we offer free training on our emerging technologies!

 

OPSEC LEA  pull from a SIEM on R80.10 Smart-1 Log Server 

If you have restricted access between the management and log server and want to pull logs from the log server using LEA, this thread might be helpful.

 

R80.10 IPS packet capture...how does it work? 

If you're curious...

 

Check Point Firewall Admin Tasks 

Did we miss any essential tasks here?

 

Will (Smart)Workflow come back? 

This topic keeps coming up, both  and offline. Here's the definitive thread.

 

R80.x Security Gateway Architecture (Logical Packet Flow) 

Another great community diagram from Heiko Ankenbrand!

 

Tools and referenced SKs for R77.30 appliance to VM migration

For backups, testing upgrades, or actually doing the upgrades...

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

Community Highlights

Here's some threads to have a look at from the last week or so:

 

How-To Videos

We've had a few "How To..... " Videos added this week:

 

Introduction to SecureKnowledge Weekly 

Valeri Loukine is starting to do a series of articles about SecureKnowledge, Check Point's official Knowledge Base. We also created a specific SecureKnowledge space for discussions related to SecureKnowledge. 

 

Check Point R80.20 Demo TechTalk and Q&A 

In addition to the actual demo (and recording thereof), there were a lot of questions around R80.20 that we answered in the comments.

 

SmartView: Accessing Check Point Logs from Web 

One thing that was improved in R80.20.M1 was SmartView. Some details in this thread.

 

Threat Prevention Policy Layers 

Discussion about how policy layers work for Threat Prevention and when logs are generated.

 

Content Awareness Log with file name 

Curious why sometimes Content Awareness doesn't log file names? Here's why.

 

Is there a way to get a file using the API? 

Not directly, at least currently, but...

 

Check Point Firewall Admin Tasks 

More "best practices" being added to this thread...

 

Is it possible to get gateways config without Manager ? 

This is why you need to do regular backups of your management.

 

R80.x Ports Used for Communication by Various Check Point Modules 

Heiko Ankenbrand keeps updating this fabulous document. 

 

Management API - internal structure 

There's a couple of different API servers: one that serves the REST API, and another one specifically for SmartConsole.

 

Emerging Technologies Web-Based Training Materials 

We offer free training on some of our emerging technologies, as described at the link above!

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

 

Shenanigans in Tel Aviv

I was in Tel Aviv this week along with Valeri Loukine and... stuff happened.

I talked with new hires about CheckMates:

 

I was a teleprompter for Moti (so was Valeri Loukine) while we were recording part of the Mid-Year Report - Top Wanted Malware of 2018 (so far):

 

And we recorded the live Q&A:

 

Community Highlights

Meanwhile, on the CheckMates community site, several discussions went on.

Here's a sample:

 

Check Point Firewall Admin Tasks 

More suggestions are showing up in this thread. What are your "suggested" task for a new Check Point admin (either totally new to Check Point or just a "new-to-you" Check Point environment)?

 

Forward tracker logs 

"Log Forwarding" only works to other Check Point log/management servers. To send them to syslog, use Log Exporter

 

Basic script for importing IP Address objects from feed (here office365)  

I'm sure, with some hacking, this script could be useful in other contexts!

 

R77.30 VSX appliance upgrade to R80.10 

An old thread that helped at least one person do the upgrade successfully. If you're planning to do this sort of upgrade soon, check it out!

 

VPN Troubleshooting Commands   

A nice list if you're troubleshooting issues with VPN on Check Point.

 

Log export to excel CSV 

Easiest way? Use SmartView!

 

Migrate policy and object to another smartmanagement 

There are many options, especially with R80.x!

 

Show bgp peers across VSX in CLI 

Nice little script

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

We also have a podcast now!

 

Community Highlights

Aside from Valeri Loukine joining the team, here's what else happened on CheckMates this past week:

 

More on R80.20.M1

A few new threads highlighting features of R80.20.M1:

 

Export Migration Tools 

What you need will depend on where you're starting from (OS) and where you're going to (version).

 

Identity Awareness issue 

Some issues with the MUH agent on a terminal server that were ultimately addressed by upgrading to the latest Jumbo Hotfix on R77.30.

 

Sam Rule and "sam: Failed to enforce inhibit rules" 

This is related to using the R80.x APIs to enforce SAM rules.

 

How to deploy Check Point AWS Quick Start  

A new "How To..... " Video showing how easy it is to deploy Check Point CloudGuard in AWS.

 

Application blocked but where is the application? 

Application Control and URL Filtering are treated similarly, which might cause a policy issue or two if you don't account for it.

 

Reading logs in the Management API ?  

There isn't an "API" for this, but you can use Log Exporter. Or ye olde fw log.

 

Script to Automate GAIA Configuration backup  

This captures the Gaia OS configuration (with some caveats).

 

R80.10 SmartConsole Linking Custom Sub-Views 

Tip of the week right here!

 

Check Point Firewall Admin Tasks 

If you're new to Check Point and taking over the administration of gateways, this thread has a few things you should do.

 

Upcoming Events

I am very pleased to welcome a CheckMates whiz, Valeri Loukine back to the Check Point family!

 

Yes, not too long ago, Valeri played a huge part in Check Point as a Security Engineer and in Professional Services. He later moved on to join Dimension Data and had a brief stint at GuardiCore. With his depth of knowledge, range of experience and having earned a CCSM certification, we will state with total confidence that he really knows his Check Point inside and out.

 

Even though Valeri decided to venture on a different path a few years ago, we knew it was only temporary. During this time, he remained an active player in the Check Point community including on CPUG, and also spoke at CPX 360 in Barcelona!

 

As our shiny new community leader, he’ll be taking the lead on various aspects of CheckMates including creation and facilitation of User Group and thought leadership in Europe and Asia Pacific.

 

On behalf of Moti Sagey, Amit Sharonand the rest of the CheckMates team, we welcome you back to Check Point, Valeri, with arms wide open!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates Cyber Security Podcast

Yes, we have a podcast called Check Point CheckMates Cyber Security Podcast

We are taking our regular TechTalks and making the audio available in podcast form.

 

Other, unique content may be added in the future.

 

You should be able to find it in your podcast directory of choice by searching on the podcast name.

For "simple people" like Moti Sagey who use Apple's podcast app: Check Point CheckMates Cyber Security Podcast by Check Point CheckMates on Apple Podcasts 

The RSS feed that should work in any podcast player: https://community.checkpoint.com/podcastfeed 

 

CheckMates in the DMV (DC / Maryland / Virginia)

Peter Dietrich has been running a Check Point user group for a few years now, predating CheckMates.

I came out to talk about the R80.20.M1 release, launched this week!

 

Michael  Butterfield did a brief presentation on Content Awareness in R80.10, which also included a discussion about policy layers in R80.10!

 

 

Community Highlights

Here's what happened on CheckMates this past week:

 

Check Point R80.20.M1 Release

The big "Check Point" news this week was the release or R80.20.M1 (Management-only) release. Here are a few threads on CheckMates related to this:

 

TechTalks

We had two TechTalks this week:

The next one is on R80.20 on July 11th!

Want to be a part of it? Sign up here: TechTalk: R80.20 Demo

 

How to change DMS(CMA) name 

When you import a domain/CMA into R80.10, there's an additional step that didn't exist in earlier releases.

 

Application blocked but where is the application? 

Things can get blocked by a URL Filtering category also (which may be different from the App Control category).

 

Context-Aware Architecture 

Explains a bit about our inspection architecture and how it compares to others.

 

IPv6 to TunnelBroker in R80? 

Yes it can be done. Sample config here.

 

Increasing Fifo Buffers on Firewall Interface 

Some disagreement as to if and when this is necessary. What do you think?

 

IPS protection set to detect from prevent after update 

If you're using staging mode, this is important to keep in mind!

 

Best Practices Guide for upgrading endpoint clients 

The process is discussed in this thread.

 

Increasing Fifo Buffers on Firewall Interface

There seems to be some debate on this. What's your take?

 

Upcoming Events

Moti Sagey

Get a $25 Amazon gift card!

Posted by Moti Sagey Employee Jun 24, 2018

As a valued Check Point customer, your opinion matters to us greatly — and to your peers, too.

  • We invite you to review your Check Point experience on Gartner Peer Insights.
  • Watch this short video on how to review Check Pointon Gartner Peer Insights.
  • Your review (A ~5 mins process) gets you a $25 Amazon gift card and you will be entered into a raffle to win a drone Just send us the confirmation.

 

 How Does it Work? 

Ready to submit your review? Click here to submit today. 

After several days, you will get the confirmation from Gartner. Just send it to  checkmates@checkpoint.com and the Amazon gift card is yours!

 

What is Gartner Peer Insights?

  • Peer Insights is an online platform of ratings and reviews of IT software and services.
  • The reviews are written and read by IT professionals and technology decision-makers like you.
  • The goal is to help IT leaders make more insightful purchase decisions and help technology providers improve their products by receiving objective unbiased feedback from their customers.
  • Reviews take approximately 10 minutes to complete and are anonymous.
  • Take a look at this video how to quickly submit a review

 

If you have any questions about Gartner Peer Insights, please email us: checkmates@checkpoint.com

We are happy to answer any questions that you have.

Thank you for your help!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

Community Highlights

Here are the top threads from the past week:

 

"fw ctl zdebug" Helpful Command Combinations 

Did you know fw ctl zdebug had so many useful combinations?

 

SmartConsole: Multiple ReadWrite sessions for same administrator 

This will be in R80.20. You can play with the Early Availability version now: Check Point R80.20 Production and Public EA

 

Grouping network objects in R80.10 

This feature does exist in R80.10 but had a bug, fixed in SmartConsole R80.10 build 42.

 

R80.10 API Demo Using R80.10 Demo Mode 

If you want to experiment with the R80.x Management API without firing up a local VM, here's how you can use R80.x Demo Mode to do it!

 

SMB 770 default route not via WAN interface 

While not officially supported, you can do it with the following workaround.

 

Major rule-base performance improvements in latest R80.10 Jumbo Hotfix 

Good reason to upgrade to JHF113 or later

 

How can I test SMTP connection in SmartEvent 

Another good reason to upgrade to the latest jumbo hotfix.

 

Is there a command line batch change a large list of IPS protections to prevent? 

Using the R80.x Management API, yes you can. This wasn't possible on R77.x and earlier.

 

IPv6 NAT Support 

NAT64: something that didn't make the cut in R80.10 that is coming back to R80.20. Also looks like NAT46 is coming as well!

 

HTTPS Categorization ... a drama 

If you're troubleshooting why a site isn't categorizing properly (when it did previously), flushing the cache might not be a bad idea. 

 

How to create a TRUSTED ROOT CA? 

May be useful in contexts beyond UserCheck portals for SandBlast.

 

Upcoming Events

It's that time of the month, where we recognize great contributors to the CheckMates community. 

Put your virtual hands together for the Member of the Month for June 2018: Kaspars Zibarts

Had no idea that Kaspars was a fellow Nokian like I was.

Then again, Nokia is a much larger company than Check Point  

He also worked with IP Appliances...in a different capacity than many of us did, though. 

 

 

Kaspars, tell us a little about yourself & what you do?

I have fairly colourful life when comes to geography and politics. I grew up in Soviet Union, graduated University in already independent Latvia, and then started working for Nokia at it’s heyday (mobile networks though, not firewalls). That moved me around quite a bit – living eight years in London, eight years in Sydney whilst delivering projects in Russia, Poland, Finland, Philippines, China, India, Iran (probably should not mention that!). Sometime, in middle of that, I switched to Check Point and finally in 2013 moved to Sweden, which seems to be the final stop. I work at the truck manufacturer Scania right now with number of enterprise security products, with Check Point being my strongest subject.

 

Tell us a little about your experience with Check Point

It was a little random switch back in 2006. I was working with Nokia mobile network SGSN/GGSNs running IPSO when one day I was given ultimatum: if I was to stay with the project in Sydney, I would have to take over and manage the firewall team. Somehow, management thought that my knowledge of IPSO would be enough even though I hadn't the slightest clue back then how a firewall worked. So I joined the Check Point train fairly “late” compare to the other CheckMates – just 12 years ago with R54 release and went through all sorts of HW – Nokia IP boxes, Crossbeam C and X series and then the Checkpoint appliances from 2000 series to chassis.

 

Do you have a unique deployment of a Check Point product?

I guess it’s not that unique as it has been mentioned by others – but we have replicated all Scania appliances worldwide in a single ESX server which makes life so much easier especially when it comes to upgrades and troubleshooting. I literally lived in the lab for 2 months when we upgraded old core VSX 11000 platform to 41000. Was very proud at the end as we didn’t use Check Point Professional Services. We designed the whole upgrade process ourselves and the “outage” was just couple of ping drops during cutover. Not a single incident was raised, even days after upgrade.

 

What do you use the CheckMates platform for?

I was really skeptical at the beginning, but after resolving some of major issues with the help of CheckMates, this is now my first stop for all my troubleshooting if I run out of ideas and SKs. Helping others is both fun and also good for learning new stuff. Lastly, I use it a lot for my coding help and ideas. I've been recommending it to all my colleagues as a great source of Check Point info for quite a while now.

 

What do you like to do for fun?

My passion is surfing, which I did a lot when we lived in Sydney. It’s rather limited here in Sweden, so I’m still searching for something new. I enjoy fixing and building stuff around the house – my wife and kids are always full of new ideas so I’m “Bob the builder” in that process.

 

If you could create any new technology right now, what would it be?

I might be getting old but I think there’s way too much technology around us that sometimes we forget how to live without it.. Maybe it could be technology that disconnects us from the technology.


On a more serious note – some sort of teleportation to travel around world. We went on a holiday last month to re-visit friends and places in Australia and the 30 hour flight from Europe is really boring and a total waste of time in my opinion. We need a new and even faster Concorde!

 

Anything else you'd like to let other CheckMates members know about?

It’s been a driver for most of my career: If I have a repetitive task given that would take, for example, 1hr every day for five days, then I’d rather spend 5hrs on Monday coding a tool that would execute it for me and enjoy coffee Tuesday to Friday. Even though the final effort is the same 5hrs, writing tools / scripts has always been my preference. As so many of us here, I like “digging.” It almost turns into a personal challenge when you suddenly face a problem in the network. Instead of calling up support directly, I will exhaust every avenue possible myself before giving up, admitting defeat and picking up the phone.

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates Goes to Foxborough, MA!

Plenty of CheckMates members in New England!

We discussed Migrating to R80.10 and had a little fun afterwords at Splitsville!

 

 

Community Highlights

Here are the top threads from the past week:

 

Index Files option for R80.10 

Even though there isn't a GUI option for this in R80.10 as in past releases, it appears you can add a file that has the appropriate settings in it.

 

What is the Usage of "export" command 

If you're trying to export the configuration of a gateway, it works a little different on Check Point than it does with some other vendors.

 

Is R80.10 Publish same as R77 Save? 

Not exactly, and it's not a bad thing.

 

"fw ctl zdebug" Helpful Command Combinations 

We have fw ctl zdebug commands documented in various Advanced Technical Resource Guides, but this is an attempt to consolidate the useful ones into one place.

 

Enabling Identity Awareness Globally 

Unfortunately this is not currently possible.

 

Increasing Fifo Buffers on Firewall Interface 

You might want to check a few other things first before doing this.

 

Management HA upgrade to R80.10 

Clean install the secondary, then sync.

 

Will (Smart)Workflow come back? 

Functionality wise? Yes. Will be something separate? No.

 

Upcoming Events

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates Birthday Award Winners

I'd like to take a moment to give a shout-out to our Members/Contributors of the Year Award Winners:

CheckMates wouldn't be the great community it is without your awesome contributions!

Well done and thank you on behalf of the community!

 

Community Highlights

Here are the top threads from the past week:

 

CheckMates First Birthday: Ask Us Anything 

While we got in a few of the questions you asked on video as part of the CheckMates First Birthday Celebration!, we couldn't answer them all in a few minutes! We answered a representative sample of the other questions in this document.


Extract "migrate export" and "clish config" from backup 

Did you know you can add a migrate export to the backups taken in Gaia?

 

cpwd_admin list overview (SMS) 

Helpful tool for monitoring the state of your Security Management!

 

Export a rulebase as a CSV file 

An old script back from the days when this site was called Exchange Point, but it's still relevant (and referenced in a newer thread): Management API - Rulebase export as .csv

 

FWM Command in bash script 

If you're going to call any Check Point CLI commands in a shell script, the tip here is important!

 

Exclude Windows updates from Threat Emulation 

In case Windows Updates get caught by Threat Emulation, here's how to make sure they are excluded from emulation.

 

Check Point Packet Inject tool partnered with zdebug drop to see drops on the fly. 

Useful troubleshooting script!

 

Upcoming Events

Here's what's coming up in the next few weeks:

 

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates at CPX National Harbor

Check Point is doing a number of "Check Point Experience" (CPX) events around the US and Europe.

Check the Check Point Events page for the current schedule.

Meanwhile, CheckMates made an appearance at the event we held in National Harbor!

 

 

Community Highlights

Here are the top threads from the past week:

 

How to increase VPN timeout limits?

Can even be done per user group also.

 

How to configure Check Point as WAF? 

While Check Point is not a WAF per-se, it does perform many functions of a WAF.

 

R80.10 SmartConsole - GA build 042 now available 

Go get it!

 

Threat Emulation VM Access 

Want to see Threat Emulation in action? Here's how...

 

Export Logs to another Log Server 

The key is forwarding logs from one server to the other

 

Dynamic revisions in R80.x SmartConsole 

Good explanation of how this works, which is different from R77.x releases.

 

Upcoming Events

Here's what's coming up in the next few weeks: