Skip navigation
All Places > About CheckMates > Blog
1 2 Previous Next

About CheckMates

23 posts

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Multiple cores for medium path traffic 

A little bit of under the covers discussion about how traffic is accelerated securely through the platform.

 

WebUI does not work with Firefox 56 

There seems to be an issue with the latest versions of Firefox that causes issues when accessing various Check Point WebUIs. More details in this thread.

 

SmartMove

SmartMove is our tool to move Cisco and now Juniper gateway configurations to Check Point R80.10. The tool and the source code are available from the above. 

 

What is ClusterXL and VRRP ? 

They are similar technologies, but function somewhat differently. This thread has a good breakdown of the two technologies.

 

Pre-R80.10 dynamic objects from DNS A record lists.. one liner examples 

If you're not on R80.10 yet and you need to allow access to specific hosts by DNS name, here's a way to achieve that.

 

Using DNS FQDN for object names in policy creation 

Meanwhile, if you're using R80.10, you can use Domain Objects using the FQDN mode.

 

Did You Know...

You can browse all content on the site without respect to which forum/space it's in?

Go to https://community.checkpoint.com/content where you can get a complete list.

I actually use this in order to put together this weekly highlight reel.

You can drill down into specific content types and even make custom RSS feeds showing just the content you're interested in!

 

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Working With Postman 

Postman is a great tool to allows you to experiment with APIs, such as the ones we provide as part of Check Point Infinity. Peter Elmer wrote a nice document on how to do exactly that. What do you plan to build with our APIs?

 

Read only / write mode switching in R80 

For those who recently upgraded to R80.10 from R77.x, the inability to switch between Read Only and Read/Write mode is worth noting. It's not as much of an issue as it was in R77.x, though, given multiple users can login with Read/Write mode.

 

Missing Technical Marketing Content for R80.10 suite 

Here's your chance to let us know the kinds of content you're looking for on CheckMates, some of which comes from our Technical Marketing team!

 

SecureXL and URL filtering 

Good discussion about how these two features interact.

 

 

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

TechTalk Special Edition: IoTroop -- A New IoT Storm is Coming! 

While we typically aim to do TechTalks on a monthly basis, sometimes we will do one more frequently, particularly for newsworthy items. That's what we did with this TechTalk on IoTroop! View the recording of this talk and the slides using the above link.

 

Exclude CPM Traffic from Implied Rules 

Yes, there's a way to do it, but when VPNs are involved, you probably don't want to do that. Details in the thread.

 

Reverse Proxy Feature of MOB (R80.10) 

There is a new feature added to R80.10 and recent R77.30 Jumbo Hotfix called Reverse Proxy. This thread talks about how it interacts with Mobile Access Blade and other web portals on the Security Gateway.

 

User based access rules in firewall 

This thread discusses how Identity Awareness features in Check Point Security Gateways operates, as well as the new Identity Collector feature added to R80.10.

 

Did You Know...

 

Each month we nominate a member of the month based on their contributions to the community?

We write a brief piece on the user and share it with the wider CheckMates community!

This month it was Vladimir Yakovlev and you can read that piece here: CheckMates Member of the Month for November 2017: Vladimir Yakovlev

Who's next? We'll have to wait and see!

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Check Point is proud to name its CheckMates Member of the Month for November 2017. Please join our volley of applause for Vladimir Yakovlev

 

Vladimir has nearly 20 years of Check Point experience, which began at an institutional broker-dealer where he designed, engineered, and implemented several integrations of their security infrastructure. Currently, he works with EverSec Group, a Check Point VAR which he was previously a customer of.

 

One of my favorite tidbits from Vladimir’s past is his “cloning” of the Nokia IP440 to better learn and tinker with the product. Now, thanks to virtualization and the cloud, it is much easier to stand up test environments. This is how Vladimir is doing it today in addition to helping customers build out their own public and private cloud infrastructures.

 

On behalf of CheckMates, we thank Vladimir for sharing his valuable knowledge with us! We are eager to see the next one to learn from, share with, and inspire other members!

 

Vladimir, tell us a little about yourself & what you do

Formerly, a head of IT for the Institutional broker-dealer G. X. Clarke & Co. I’ve been responsible for design, engineering, and implementation of multiple iterations of their infrastructure for over 18 years.

 

Possibly, due to inherent ancestral expectations that “if things can go wrong, they would”, my designs are always optimized for redundancy, resiliency, and security.

 

As a result, the firm’s infrastructure remained one of the few operational in the Northeast during hurricanes Floyd, Irene and Sandy, Northeast blackout of 2003, as well as during the terrible events of September 11, 2001. In the last 15 years of operation, we had 15 minutes of unplanned downtime.

 

I had the privilege of tutoring and overseeing the final design projects of quite a few very talented interns from Stevens Institute of Technology, who have since graduated and are holding executive positions themselves.

Presently, I am a consultant with primary focus on security controls, POCs, optimization of policies and procedures for large financial institutions or design of the entire physical, virtual, cloud and hybrid infrastructures for SMBs, where Check Point is prominently featured.

 

For the past two years I have enjoyed fruitful collaboration with EverSec Group, a Check Point VAR that I have been a former customer of.

 

Tell us a little about your experience with Check Point

I have been introduced to Check Point in 1998 and was immediately captivated by an entire new world of information about information it let me see and control the flow of. It was not until I’ve cloned the Nokia IP440, built on commodity hardware, that allowed me to tinker with the product.

 

With the release of virtual appliances for VMware, the possibilities for building simulated environments and Proofs of Concepts became truly awesome and I am routinely doing this for my clients and my own experiments.

 

In 2016, I was a lead SE certifying Check Point 15000 and 23000 series of appliances for the Joint Interoperability Test Command of the Department of Defense. For anyone unfamiliar with the process, you pretty much must go over every single feature and capability, and demonstrate the product’s adherence to the strictest security requirements. Even for someone working with Check Point for over a decade, that was an eye-opening experience, as to the breadth of possibilities and the level of forethought that went into design and engineering of this product.

 

Since then, I’ve been helping companies with optimization of their architecture and policies, upgrades and deployments, ranging from simple clusters to sizable MDSM and VSX environments.

 

Now I am increasingly getting involved in cloud and hybrid projects requiring implementation of vSEC. Being fairly fluent in AWS, I am in the process of beefing up my Azure skills to expand my offerings and competency.

 

Do you have a unique deployment of a Check Point product?
I am not sure about this being unique, but have not seen it done elsewhere:

 

For one company on a budget, in order to provide redundancy for their single Management Server, I’ve implemented a virtual Gaia appliance with multiple interfaces. Each of the interfaces was assigned an IP from a network in each location. The routable loopback address was used for management.

 

I then had that address advertised via OSPF to the internal routing area via whatever interface was connected at the time. The VM was replicated to other sites and scheduled backups were copied there as well.

 

During primary sites’ failure, client could power-up the VM, restore latest backup, connect to the same IP and continue managing their gateways.

 

What do you use the CheckMates platform for?

To learn from people who are infinitely more knowledgeable about the product than I am or whose experiences I and my clients can benefit from. To share my findings and ideas and to engage in the intelligent discourse about solutions, approaches and designs.

What do you like to do for fun? (Hobbies)
I am an avid reader. To (loosely) quote George R.R. Martin: “A reader lives a thousand lives. The man who never reads lives only one.” I travel a lot, and am a life-long learner. Occasionally, I write articles on LinkedIn: https://www.linkedin.com/in/vladimiry/detail/recent-activity/posts/

If you could create any new technology right now, what would it be?
Decentralized, unbreakable and simple to use passwordless authentication.

 

Anything else youd like to let other CheckMates members know about?

You are awesome! Either you are here to look for answers or to help others find them. Keep sharing with and helping those new to Check Point. I’ve met a lot of bright young people new to the field that are eager to learn; a few pointers from those with experience mean a world to them.

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

 

CLI Help  

Starting points for using the CLI with Check Point products

 

Performance Impact of Prevent versus Detect with IPS

The answer to this question might surprise you.

 

TE-1000x Implementation Issue 

If you're having issues doing an initial implementation of your Threat Emulation appliance, there's some some solutions here.

 

Migrate Export Fails (R77.30 OpenServer) 

If you're having issues running a migrate export in order to make a backup of your configuration and/or prepare for an upgrade to R80.10, there's some tips in this thread!

 

Threat emulation for POP3 

Not something Check Point does currently, but it did net some interesting discussion.

 

Did You Know...

 

Each month we nominate a member of the month based on their contributions to the community?

We write a brief piece on the user and share it with the wider CheckMates community!

Last month it was Danny Jung and you can read that piece here: CheckMates Member of the Month for October 2017: Danny Jung

Who's next? I know, but the rest of you will have to wait a little bit longer

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Searching for Address Spoofing Logs in R80 

You need to use the free text search capabilities of SmartLog to find these entries, as described in this thread.

 

Number of connections depending on dst addresses 

There are a couple of ways to get the results, using the CLI and using SmartView Monitor.

 

SmartLog R80.10 NAT information 

Another helpful tip on finding information (this time on NAT) in R80.10.

 

Guest Ports opened for outbound Internet access 

Do you have a guest network? What do you allow your guests to do? Weigh in here!

 

 

 

Did You Know...

We have local user groups all over the world?

While we span the globe here online, sometimes it's good to get together in person to share ideas, ask questions, and learn what your peers are doing.

The complete list of local groups is available here: CheckMates Local User Groups  

We will share upcoming in-person meetings on CheckMates Live

The locale-specific groups are for region-specific conversations and sharing materials presented in the relevant local group.

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Installing R80.10 on a 2200

You can definitely install R80.10 on a 2200--as a gateway only, though (not with local management).

 

Check Point Site-to-Site VPN Compatibility Matrix

If you've made a Check Point Security Gateway establish a VPN with a non-Check Point product, please share your experiences here to help the community!

 

ISP Redundancy with Hide NAT

If you're looking to utilize the ISP Redundancy feature along with Policy-Based Routing or NAT, have a look at this thread!

 

Problem with Proxy ARP

A nice thread where the community successfully troubleshooted an issue with Proxy ARP 

 

What information do we need from the remote site customer when creating site to site VPN? 

Danny Jung strikes again, providing a helpful worksheet you can use when setting up a VPN with a remote partner.

 

Did You Know...

 

You can respond to the emails you get from CheckMates to update a thread?

 

Some of you are clearly using this feature, and it's worth repeating this tip again and the associated warning: make sure if you use this feature, your email response doesn't include any signature information or it will be posted along with your messages! I've edited a few messages to remove this information.

 

Unless you've disabled email notifications on your account, which you can do here, you should get an email for new responses on a given thread or content you have chosen to follow, which you can do from the Actions menu:

 

 

When you get the email, it will look something like this:

 

Simply respond to the email like you would any other:

 

 

Your email will appear in the relevant thread as a reply to the comment you are responding to:

 

 

A word of warning: Make sure to disable your email signature on these emails as they will be included in your post to CheckMates. You may not want that. 

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Check Point is proud to name it's CheckMates Member of the Month for October 2017. Please join our volley of applause for Mr. Danny Jung!

 

The October CheckMates Member of the Month is Danny Jung, CTO at Check Point Partner ESC. Danny is a Check Point Know-it-all who loves sharing his knowledge with others. He has been one of the strongest contributors to the community providing advice to fellow members and actively engaging in technical conversations to learn more and stay on the cutting edge of (Check Point) security. Many thanks to Danny for his contributions and participation to help make CheckMates an educational, informative and engaging place to visit!

 

At his day job, Danny lives his dream and shares his passion for all things security. He leads a team of IT-Security specialists, focuses on technical consulting and coordinates meeting customers demands. Danny reviews security infrastructures, evaluates security risks and provides recommendations to customers. He also designs and installs security solutions together with his team to ensure proper implementation with best practice methods always seeking one goal: Customer satisfaction for long-term customer relationships.

 

Deeply familiar with Check Point products, Danny has been working with them for more than 15 years. As part of his on-going commitment to customer success, he is actively engaged in dialog with Check Point via the Check Point User Group (CPUG) and now CheckMates.

 

In his spare time Danny enjoys spending time with his kids Anton & Elly, explaining and exploring this world with them together with his lovely wife, Stefanie.

 

On behalf of CheckMates, we thank Danny for sharing his valuable knowledge with us! We are eager to see the next one to learn from, share with, and inspire other members!

 

Danny, tell us a little about yourself & what you do

I'm CTO at ESC, a Check Point 3-Stars Partner in Germany and co-leading a great team of security specialists and experts.

 

I enjoy doing technical pre-sales, security reviews and consultancy, design, architecture, optimizations, implementations, migrations, upgrades and support. I also do other security vendors, although on a lesser scale. I write technical articles for CheckMates, CPUG and techblog.esc.de and provide technical workshops teaching about IT-Security. Aside from my day job I'm a loving father and husband.

 

Tell us a little about your experience with Check Point

I'm working with Check Point ever since I started to work in IT-Security in 2002. I've assisted Check Point customers developing their IT-Security infrastructures throughout the years, scaling from local mid-sized customers to global top-tech companies. Besides training others I've also attended many Check Point events and workshops to train myself, even together with Check Point's Professional Services Team. I've helped develop Check Point exam questions several times and I'm certified with Check Point's top-level certifications: CCSM and CCSI.

 

Mikael Johnsson once told me at a Check Point Train-the-Trainer session that he is fascinated by how passionate I am. Thanks, I'm doing my job full-heartedly.

 

Do you have a unique deployment of a Check Point product?

My company is a RIPE NCC member, working with its own public IP addresses that are routed across the internet via BGP. Check Point considers our BGP routing implementation a reference installation in Germany. I think this is quite unique.

 

What do you use the CheckMates platform for?

Sharing experience, learning new things and staying in touch with other experts is very important to me. CheckMates is a great place where all this comes together. I enjoy discussing with Check Point professionals and even Check Point's own product specialists so directly. I'm always delighted when Check Point marks my comments and solutions as 'helpful' or even more as 'Correct Answer'.

 

Moti Sagey's "You Sir are awesome!!" responses in regards to my ccc script thread and my 1400 Appliance FAQ simply blew me away.

 

What do you like to do for fun? (Hobbies)

I really enjoy having a good time with my family. Hearing my kids laughing and giggling together means everything to me. I'm also having much fun when I'm able to help others with computer related tasks while I also enjoy nature and music, collecting memories, finding alternative solutions and just having a great time on earth.

 

If you could create any new technology right now, what would it be?

It would be a digital table with touch capabilities that is affordable for everyone. This would enable families to play games in a new form, enjoy photos and videos together, edit, tag and share them with each other, talk to distant family members and so much more. It would offer a completely new way to explore, learn and enjoy new things. I'm not talking about an upscaled iPad or Android Mobile, as this already exists. I really mean a new interface of connecting people together on the same table.

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

If you can't wait for the weekly update, we post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

First packet isn't SYN 

This is something you can see in the Firewall logs often. There are a few different causes of it, as explained in this thread.

Can we configure cluster between 5400 and 5600 appliances? 

While we used to allow this back in the Nokia IPSO days with VRRP, this was never a good idea and is not allowed with ClusterXL today. Clusters must contain members with the exact same hardware. 

 

Management behind NAT 

Yes, you can do this, but it requires a couple extra steps.

 

R80 PowerShell Module 

Great work by Tim Koopman on continuing to iterate this PowerShell module for interacting with the Check Point R80 APIs!

 

Threat Prevention policies after R77.30 to R80.10 migration. Is it correct? 

There is a significant difference working with IPS Profiles in R77.30 and earlier versus how it's done with R80+. This thread details how it works and why.

 

Did You Know...

 

Each week (by default) you should get two emails from CheckMates:

  • Weekly summary of community activity
  • Activity from those topics or users you are following.

If you are not following anyone or any particular topic, these emails look exactly the same.

You are, of course, welcome to click on the "Unsubscribe" link at the bottom of these emails, which will disable all emails from CheckMates.

What you might want to do instead is change the reasons and frequency of the emails by going to your preferences: https://community.checkpoint.com/user-preferences!input.jspa 

From here you can set which emails you get when:

 

See also this short video on the subject: Set Email Notification Prefs in CheckMates

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in Checkmates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

If you can't wait for the weekly update, we post relevant threads to our social media accounts:

 

Administrivia

Somehow, I managed to publish the "This Week in CheckMates" post for last week without actually finishing it.

I guess that's an occupational hazard of traveling, as I was in London and Ireland last week for CheckMates events  

If you care, I've updated it with good content from last week: This Week in CheckMates: Week of 18th September 2017

Also, I'm now naming these posts with the date that they intend to be published, so you know to what point they cover.

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

All About Bashware: Overview and Demonstration

Earlier this week our researchers did a deep dive on Bashware, a method that exploits the Windows Subsystem for Linux that's now available for Windows 10, to "hide" from threat prevention products. There's an eye-popping demo you don't want to miss!

 

What is your favorite hidden feature in R80.10? 

R80.10 has a lot of new features, some of them were widely publicized, some where not. What's your favorite?

 

Layers and the Cleanup Rule 

Speaking of new features in R80, we made some improvements in SmartConsole to remind you about the Cleanup Rule and give you some hints about best practices.

 

Does R80.10 support OPSEC? 

Of course it does, but there are a few caveats highlighted in this post.

 

Network object definition based on FQDN 

We've had Domain Objects for quite some time. In R80.10, we improved them substantially.

 

Did You Know...

There is a mobile app available for CheckMates?

While the CheckMates Community site is fairly mobile-friendly, some prefer a native mobile app that can provide push notifications on responses to posts.

You can download the Jive Daily app for iOS or Android as follows:

When prompted, enter community.checkpoint.com as the community and sign in with your User Center credentials.

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in Checkmates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

If you can't wait for the weekly update, follow our Twitter account where threads are highlighted regularly: @CPCheckMates!

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

I am Dorit Dor, VP of Products for Check Point, Ask Me Anything!

We had a lot of great questions asked as part of this event! If you want to see where we're taking the Check Point Infinity vision next, you definitely want to read through this post along with the comments. Follow questions to things mentioned here should be posted on CheckMates in the appropriate space. 

 

Filter option in R80.10 show-access-rulebase API 

This particular API call is case-sensitive. Action != action, it turns out.

 

How to monitor bandwidth limit for application control 

Seems reasonable to want to see how close you are to the limit you've configured for a specific rule, right? Here's how to do that.

 

What is the impact (performance wise and other aspects) of setting Check Point as an MTA so as to utilize Threat Extraction?

Threat Extraction doesn't add much. That said, it depends on the configuration...

 

Managing r80.10 AWS vSEC from On-Prem SMS via existing VPN 

Short answer: you don't manage over a VPN. There's good reasons for not doing this, which are described in the thread.

 

Did You Know...

We are starting up a number of local CheckMates chapters?

We've got a list of areas where groups are forming.

Simply find your local area and ask to join.

There isn't a local one to you? Then ask for one to be created!

 

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in Checkmates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

If you can't wait for the weekly update, follow our Twitter account where threads are highlighted regularly: @CPCheckMates!

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

I am Dorit Dor, VP of Products for Check Point, Ask Me Anything!

We've seen a lot of great questions asked so far of Dr. Dorit Dor, answers for which will be revealed on Monday. Have you got your question in yet?

 

Bulk Add Network Objects

The R80 Management API makes this much easier to do than it was in R77.x with dbedit. 

 

Central Script to run command on multiple gateways

You can leverage the R80 Management API and the cprid_util to remotely execute commands on all your Check Point gateways.

 

Proxy Arp's for subnet not on firewall

How do "arp" for a translated address that's not on your local subnet, particularly when you don't have control over the upstream router? You do something similar to what's described in this thread.

 

Upgrade from R77.20 to R80.10, and failed to verify policy

One thing the Pre-Upgrade Verifier does not do is check the validity of your rules. Which, due to a validation bug in R77.20, caused a problem when upgrading to R80.10.

Sandboxing http/https traffics with third party web proxy in place

In some releases, it is possible to enable ICAP Server support. This will allow you to use a third party web proxy to send traffic to Check Point Threat Emulation.

 

 

Did You Know...

We are starting up a number of local CheckMates chapters?

We've got a list of areas where groups are forming.

Simply find your local area and ask to join.

There isn't a local one to you? Then ask for one to be created!

 

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Each month, we plan to highlight a specific member of the community. For September, that person is Valeri Loukine!

 

The September Check Mates Member of the Month is Valeri Loukine, Sr Security Consulting Architect with Dimension data. Valeri has been one of the strongest contributors to the community providing advice to fellow members and actively engaging in technical conversations to learn more and stay on the cutting edge of (Check Point) security. Many thanks To Valeri for his contributions and participation to help make Check Mates an educational, informative and engaging place to visit!

 

At his day job at Dimension Data Valeri is a “Swiss army knife” for all things security. On any given day he can be found educating potential customers on security, designing customer’s security strategies, or implementing products for customers.

 

Deeply familiar with Check Point products, Valeri has been working with them for more than 15 years. AS part of his on-going commitment to customer success, he is actively engaged in dialog with Check Point via the Check Point user Group (CPUG) and now Check Mates.  While CPUG  has  been  a  great  resource, Check  Mates has  enabled  him to get answers  to  his   technical inquiries  faster through more   direct access   to  Checkpoint  experts.

 

In his spare time Valeri enjoys spending time with his granddaughter in Israel, writing poetry and riding his Harley Davidson through the breath-taking Swiss Alps.

 

On behalf of CheckMates, we thank Valeri for sharing his valuable knowledge with us!

 

Our interview questions and answers are below:

 

Tell us a little about yourself & what you do

These days you can consider me a Swiss Army Knife for Check Point security. I do all of it: technical presales, design, architecture, implementations, migrations, upgrades and support. I also do other security vendors, although on a lesser scale. I train people, write and deliver technical security courses. I consult on security, both on technical and conceptual topics.

 

Tell us a little about your experience with Check Point

I touched Check Point FW first time in 1999. Then it went up hill dramatically after joining Israeli Check Point office in 2000. Since then, I am a Check Point expert. Moving through the ranks, changing positions from VPN QA specialist at the beginning to Check Point Profession Services Consultant at the end of my work at CP Israel would do that to anybody else.

 

After joining Dimension Data in Switzerland in 2008, I commenced participating in CPUG (cpug.org) activities and eventually became CPUG ambassador in Europe. It also happened that I was the first person in Switzerland to achieve CCMA certification. I am most probably the last one to have it still active, at least here

 

You may also mention my CCMA blog: http://checkpoint-master-architect.blogspot.ch/

 

Do you have a unique deployment of a Check Point product?

 

Every single project I do with Check Point is unique. It is really hard to distinguish just one. I have been to places and seen things. Do not even get me started, otherwise I will not stop talking for a week

 

What do you use the CheckMates platform for?

CheckMates is a great tool to share experience, learn things and get in touch with experts. Being a CPUG.org member for over a decade, I have seen multiple Check Point attempts to create something similar. I am happy you have finally found a nice way to do so.

 

What do you like to do for fun? (Hobbies)

Work is fun, most of the time, but I guess the question is not about it. In my spare time, I enjoy spending time with my granddaughter in Israel, writing poetry and riding my Harley. Some hiking in Swiss mountains and touring interesting places are also in the list.

 

 

If you could create any new technology right now, what would it be?

Why should it be technology? One of my distant dreams is to write a book about history of Check Point. Not about technology, although this topic is also fascinating, but about people in and around the company. There are many interesting, dramatic, funny, happy, and sometimes tragic stories there. I have stumbled on some while doing research for a “Short History of Check Point Firewalls” chapter of CPUG papers project: https://www.cpug.org/forums/showthread.php/21868-Paper-1-Brief-History-Of-Check-Point-Firewalls

 

That is a very deep well to drink from, I promise you.

Welcome to "This Week in Checkmates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

If you can't wait for the weekly update, follow our Twitter account where threads are highlighted regularly: @CPCheckMates!

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Automating IPS

You can leverage the tags feature in IPS profiles in R80+ to make it easier to keep just the right IPS protections active.

 

HowTo - Creating an scpuser account on Gaia Clish

Short and sweet article, which could easily be turned into an Ansible playbook for automation purposes!

 

R77.30 VSX appliance upgrade to R80.10 

If you're planning to upgrade your VSX gateway appliance to R80.10, have a look at this thread. Have you upgraded your VSX to R80.10 yet to leverage 64bit virtual systems, among other things?

 

Activating NGTX (Cloud SandBox) on your gateway 

If you've purchased NGTX with your latest Check Point Appliance package, but haven't activated it yet, here's how to activate it for maximum protection.

 

Check Point Support Resources - Top 10

If you're looking from help from Check Point, here's a list of resources (aside from CheckMates, of course) where you can turn to in order to get help.

 

 

Did You Know...

 

We have a lot of spaces on CheckMates where you can ask for help?

The spaces are organized by topics and product lines.

This is done to make it easier to find relevant content and allows the relevant people inside Check Point to monitor and respond accordingly.

Refer to the following document for a list of products and what spaces they map to: All Products and Where To Post About Them

 

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in Checkmates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

If you can't wait for the weekly update, follow our Twitter account where threads are highlighted regularly: @CPCheckMates!

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Bandwidth Monitoring of Specific Interface? 

A new user moving from a different vendor's solution asks about how to monitor the bandwidth used by a specific interface. This thread explains how to do that using SmartView Monitor.

How to revert a Policy or discard changes? 

The way you revert a policy to a previous version in R80+ has changed from R77.30 and earlier. This thread details those changes.

 

Log cleaning rule

Nicolas Boisse created a script to query all your gateways, determine their broadcast address, and create a rule that will drop broadcasts from those networks.

 

Check Point configuration mistakes - Top 10

Danny Jung shares his Top 10 configuration mistakes he sees people make. The good news is that in R80.10, we've made it easier to do the right thing. 

 

Updated Scripts from Check Point 

The Check Point R&D API Team updated several of the scripts previously published to Developers (Code Hub) and published the source to Github:

 

Did You Know...

There is a mobile app available for CheckMates?

While the CheckMates Community site is fairly mobile-friendly, some prefer a native mobile app that can provide push notifications on responses to posts.

You can download the Jive Daily app for iOS or Android as follows:

When prompted, enter community.checkpoint.com as the community and sign in with your User Center credentials.

 

Upcoming Events

Our upcoming events in September include:

  • Cloud Security Best Practices with Amit Schnitzer on September 6th
  • Ask Me Anything with Dorit Dor and her team on September 18th

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us: