Skip navigation
All Places > About CheckMates > Blog
1 2 3 Previous Next

About CheckMates

66 posts

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates Goes to Foxborough, MA!

Plenty of CheckMates members in New England!

We discussed Migrating to R80.10 and had a little fun afterwords at Splitsville!

 

 

Community Highlights

Here are the top threads from the past week:

 

Index Files option for R80.10 

Even though there isn't a GUI option for this in R80.10 as in past releases, it appears you can add a file that has the appropriate settings in it.

 

What is the Usage of "export" command 

If you're trying to export the configuration of a gateway, it works a little different on Check Point than it does with some other vendors.

 

Is R80.10 Publish same as R77 Save? 

Not exactly, and it's not a bad thing.

 

"fw ctl zdebug" Helpful Command Combinations 

We have fw ctl zdebug commands documented in various Advanced Technical Resource Guides, but this is an attempt to consolidate the useful ones into one place.

 

Enabling Identity Awareness Globally 

Unfortunately this is not currently possible.

 

Increasing Fifo Buffers on Firewall Interface 

You might want to check a few other things first before doing this.

 

Management HA upgrade to R80.10 

Clean install the secondary, then sync.

 

Will (Smart)Workflow come back? 

Functionality wise? Yes. Will be something separate? No.

 

Upcoming Events

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates Birthday Award Winners

I'd like to take a moment to give a shout-out to our Members/Contributors of the Year Award Winners:

CheckMates wouldn't be the great community it is without your awesome contributions!

Well done and thank you on behalf of the community!

 

Community Highlights

Here are the top threads from the past week:

 

CheckMates First Birthday: Ask Us Anything 

While we got in a few of the questions you asked on video as part of the CheckMates First Birthday Celebration!, we couldn't answer them all in a few minutes! We answered a representative sample of the other questions in this document.


Extract "migrate export" and "clish config" from backup 

Did you know you can add a migrate export to the backups taken in Gaia?

 

cpwd_admin list overview (SMS) 

Helpful tool for monitoring the state of your Security Management!

 

Export a rulebase as a CSV file 

An old script back from the days when this site was called Exchange Point, but it's still relevant (and referenced in a newer thread): Management API - Rulebase export as .csv

 

FWM Command in bash script 

If you're going to call any Check Point CLI commands in a shell script, the tip here is important!

 

Exclude Windows updates from Threat Emulation 

In case Windows Updates get caught by Threat Emulation, here's how to make sure they are excluded from emulation.

 

Check Point Packet Inject tool partnered with zdebug drop to see drops on the fly. 

Useful troubleshooting script!

 

Upcoming Events

Here's what's coming up in the next few weeks:

 

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates at CPX National Harbor

Check Point is doing a number of "Check Point Experience" (CPX) events around the US and Europe.

Check the Check Point Events page for the current schedule.

Meanwhile, CheckMates made an appearance at the event we held in National Harbor!

 

 

Community Highlights

Here are the top threads from the past week:

 

How to increase VPN timeout limits?

Can even be done per user group also.

 

How to configure Check Point as WAF? 

While Check Point is not a WAF per-se, it does perform many functions of a WAF.

 

R80.10 SmartConsole - GA build 042 now available 

Go get it!

 

Threat Emulation VM Access 

Want to see Threat Emulation in action? Here's how...

 

Export Logs to another Log Server 

The key is forwarding logs from one server to the other

 

Dynamic revisions in R80.x SmartConsole 

Good explanation of how this works, which is different from R77.x releases.

 

Upcoming Events

Here's what's coming up in the next few weeks:

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

CheckMates in Switzerland

This week, we did a CheckMates Live event in Geneva, Switzerland!

We covered a few items:

  • Migrating to R80.10, which I gave.
  • Cloud Security Blueprint, presented by Peter Sandkuijl
  • Cryptomining, Why You Should Care? presented by Lior Arzi

 

 

 

 

Next week, I will be in Washington DC for the Local CPX National Harbor!

 

Community Highlights

Here are the top threads from the past week:

 

R80 CCSM Study Guide

This is helpful for CCSA and CCSE as well since the CCSM covers this and more!

 

Check Point R80.20 Production and Public EA 

The public EA build has been updated and now includes support for Security Gateway (in addition to management)! Remember, this is for sandbox/test deployments only unless you are part of the Production EA program.

 

No prevent option in IPS Port Scan signature 

If you have SmartEvent, you can "prevent" with this signature.

 

ICAP Server on Sandblast Appliance (TEX) 

If you weren't aware, you can enable an ICAP Server on a Threat Emulation appliance to integrate with other security enforcement devices.

 

GUI client unable to access R80.10 management server behind firewall 

Implied rules only work for gateways managed by the same management, not for ones managed by different ones.

 

MTA and Non Delivery Report 

Discussion about how to configure NDRs that need to be sent from the gateway itself, when it is acting as an MTA.

 

How come multiple public IP's aren't working? 

Related to network address translation and ARPs. 

 

Upcoming Events

Here's what's coming up in the next few weeks:

 

It's that time of the month, where we recognize great contributors to the CheckMates community. 

Put your virtual hands together for Member of the Month: Aleksei Shelepov!

While not an originator of many posts, he did generate some excellent discussion around In which cases would you use VSX? and has provided help to many CheckMates members on numerous threads!

 

 

Aleksei, tell us a little about yourself & what you do?

I am from Russia. During my last year at university, I started to work in systems integrator company (kudos to people in ICL), where I learned all the basics of networking and security. This was my first proper job, so I learned quite a lot about pros and cons of having a demanding but very interesting job. I had a lot of business trips all over Russia – for example, I spent almost a month in total somewhere in northern Siberia near a pipeline.


Then I decided I would like to work in an international company with foreign customers, because I like the idea of multi-cultural communications. So, now I work in Poland in Atos, which is a big international corporation. Here I try to actively push the idea of using Check Point products more for our purposes and try to help engineers to get more familiar with it and learn best practices. I participate in projects for EU customers and sometimes help firewall support teams.


Previously I worked with hardware directly – opening boxes with new appliances, mounting them into racks, installing clean image, neat cabling, raising a clean firewall to a production device, fix unexpected issues with own wit (and a bit of duct tape). This is what I miss sometimes now – everything is in datacenters far away.

 

Tell us a little about your experience with Check Point

In the beginning of my work path, I migrated and implemented quite a lot of appliances with Splat R75.30, but the special thing to Russia was the GOST encryption algorithm. It added some funny and painful hours of work to standard procedures. The oldest software version that I saw at that time was R65. Finding and changing the right text file was the main way in Splat to do some advanced configurations. Larger enterprise on my current job helped me to finally meet with R55, IP appliances and IPSO, and some other older things that I missed previously.


I feel comfortable working with Check Point products, it feels like a cozy couch. Most of my work knowledge relates to Check Point, I like new features and ideas that are implemented in new versions, I like how Check Point relies on partners and community. I intend to keep working with it further and more in-depth.

 

Do you have a unique deployment of a Check Point product?

I've seen some mind-boggling deployments that my colleagues were involved in. In my case everything is much simpler, just some big distributed deployments.

 

What do you use the CheckMates platform for?

CheckMates for me is like a useful hobby. Although it is a thing that is related to work, I participate in the community mostly out of interest and curiosity. It helps me to switch my mind a bit from my usual workflow. It feels good when I can provide advice. Sharing knowledge is great for everyone - information is the main resource nowadays.

 

What do you like to do for fun?

In most cases, I'm a homebody. I like to spend time at home with my wife, Maria, watching TV series and movies. I like to read random articles on different topics to learn more about the world. One of my interests and source of pleasant experiences in the last few years is traveling, but for now I'm just starting to understand how it all works.

 

If you could create any new technology right now, what would it be?

Teleportation sounds like a cool candidate for that, it would save a lot of time. But testing and fixing bugs would be a pretty risky task.

 

Anything else you'd like to let other CheckMates members know about?

Not all Russians are hackers.

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

Community Highlights

Here are the top threads from the past week:

 

CheckMates First Birthday Celebration! 

We're having a party, but some of you are getting the presents (prizes)! Voting is now open for our awards, where you'll be entered to win a Check Point 1490 Appliance! Also, take the opportunity to ask Check Point CEO Gil Shwed and VP of Products Dr. Dorit Dor and it just might be answered in our exclusive conversation with them!

 

VSX: virtual switch/router? 

Should you use virtual switches and routers when using VSX? This thread gives some reasons why (or why not).

 

Script to run migrate export backup 

Couple different scripts are provided in this thread.

 

 

 

 

 

Tip of the day: Clear your personal display settings 

Wondering how to "start fresh" in SmartConsole without reinstalling it? Here's how.

 

Upcoming Events

Here's what's coming up in the next few weeks:

 

As part of our First Birthday celebration, we are having an awards ceremony.

Find the complete list of categories and instructions how to vote here: CheckMates First Birthday Celebration! 

 

The other thing we are doing is a special "Ask Me Anything" for Check Point CEO Gil Shwed and VP of Products Dr. Dorit Dor!

It's similar to our previous AMA I am Dorit Dor, VP of Products for Check Point, Ask Me Anything! but we are taking questions over email instead.

Check the previous AMA to get some examples of questions

 

Please submit them to checkmates@checkpoint.com no later than 26th May 2018.

A selected number of questions will be answered both as text on CheckMates and through a video that we plan to record and release during the first week of June.

As part of our First Birthday celebration, we are having an awards ceremony.

For awards, you need categories and voting!

Over the course of this week, we will share some of the categories and solicit nominations for said categories.

Find the complete list of categories here: CheckMates First Birthday Celebration! 

 

This category is specific to, well, members like you!

This is similar to the Nomination for CheckMates Member of the Year 2018? nomination, but someone who "helps out" more than originates useful material on their own. 

Think of it like the "Best Supporting Actor" role in the Oscars 

 

Nominations

To nominate someone, please send the following information in email to checkmates@checkpoint.com:

  • The name of the person you are nominating, which can NOT be:
    • A Check Point employee
    • Yourself (i.e. someone else must nominate you)
  • A link to their CheckMates Profile
  • A short paragraph why you are nominating them

 

Voting

Voting is now open for this and other categories in our birthday celebration!

We will take your votes until 25th May 2018 @ 11:59pm Pacific Daylight Time. 

A vote will enter you into a raffle for a Check Point 1490 Appliance!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

Community Highlights

Here are the top threads from the past week:

 

CheckMates First Birthday Celebration! 

We're having a party, but some of you are getting the presents (prizes)! Find out more here!

 

Mobile Access Reporting 

Some good suggestions here if you're stuck.

 

How to properly logoff web api session without leaving session open 

The advice applies both to using mgmt_cli and directly calling the R80.x API.

 

SCV Enforcement Per Gateway (Not Global) 

There are other ways to do SCV enforcement with Mobile Access Blade.

 

Detach from Cluster... in R80.10 

This feature was removed in R80, you'll have to delete the cluster member and recreate it.

 

IPS Protections in Detect (Staging) State 

How to make the best use of this new feature in R80.10 to manage IPS protections more effectively.

 

Scheduled FTP transfer NOT working 

You might need to slightly modify your backup scripts when you upgrade to R80.10.

 

Upcoming Events

Here's what's coming up in the next few weeks:

 

As part of our First Birthday celebration, we are having an awards ceremony.

For awards, you need categories and voting!

Over the course of this week, we will share some of the categories and solicit nominations for said categories.

Find the complete list of categories here: CheckMates First Birthday Celebration! 

 

This category is an easy one: What's your favorite post on CheckMates and why?

 

Instructions:

 

Voting

Voting is now open for this and other categories in our birthday celebration!

We will take your votes until 25th May 2018 @ 11:59pm Pacific Daylight Time. 

A vote will enter you into a raffle for a Check Point 1490 Appliance!

As part of our First Birthday celebration, we are having an awards ceremony.

For awards, you need categories and voting!

Over the course of this week, we will share some of the categories and solicit nominations for said categories.

Find the complete list of categories here: CheckMates First Birthday Celebration! 

 

This category is specific to, well, members like you!

Specifically, who is your favorite and why?

 

Nominations

To nominate someone, please send the following information in email to checkmates@checkpoint.com:

  • The name of the person you are nominating, which can NOT be:
    • A Check Point employee
    • Yourself (i.e. someone else must nominate you)
  • A link to their CheckMates Profile
  • A short paragraph why you are nominating them

Voting

Voting is now open for this and other categories in our birthday celebration!

We will take your votes until 25th May 2018 @ 11:59pm Pacific Daylight Time. 

 

Prizes

  • The Member of the Year will receive a trip to our headquarters in Tel Aviv, Israel to meet face-to-face with our R&D team!
  • Everyone who votes will be entered into a raffle to win a Check Point 1490 Appliance!

As a valued Check Point customer, your opinion matters to us greatly — and to your peers, too.

  • We invite you to review your Check Point experience on Gartner Peer Insights.
  • Watch this short video on how to review Check Point on Gartner Peer Insights.
  • Your review gets you a $25 Amazon gift card and you will be entered into a raffle to win a drone :) Just send us the confirmation.

 

 How Does it Works? 

 Ready to submit your review? Click here to submit today. 

After several days, you will get the confirmation from Gartner. Just send it to  checkmates@checkpoint.com and the Amazon gift card is yours!

 

What is Gartner Peer Insights?

  • Peer Insights is an online platform of ratings and reviews of IT software and services.
  • The reviews are written and read by IT professionals and technology decision-makers like you.
  • The goal is to help IT leaders make more insightful purchase decisions and help technology providers improve their products by receiving objective unbiased feedback from their customers.
  • Reviews take approximately 10 minutes to complete and are anonymous.
  • Take a look at this video how to quickly submit a review

 

If you have any questions about Gartner Peer Insights, please email us: checkmates@checkpoint.com

We are happy to answer any questions that you have.

Thank you for your help!

 

 

CheckMates has turned a year old and we're having a party! 

We definitely want to celebrate with all of you as we couldn't have done this without you!

We had an "Oscars"-like ceremony and a couple of cool videos with Check Point CEO Gil Shwed and VP of Products Dr. Dorit Dor!

_______________________________________________________________

 

Ask Us Anything with Gil Shwed and Dorit Dor

We record two short video with Gil Shwed and Dr. Dorit Dor answering some of your questions!

 

 

 

LOOKING FOR MORE ANSWERS? Take a look here....

While we could not answer every question you asked in video form, we wrote answers to a representative sample of your questions here:

CheckMates First Birthday: Ask Us Anything

 

_______________________________________________________________

 

What CheckMates Content and People are The Best of the Best?

 

 

Categories include:

_______________________________________________________________

 

What is CheckMates?

If you've never used CheckMates before, here's a brief explanation:

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

 

Community Highlights

Here are the top threads from the past week:

 

R80.10 - Where Used object 

The way this works is different in R80.x versus R77.x.

 

Creating VSX Virtual Systems using REST API  

While not formally part of the R80.x API, there is a way to use the API to do it.

 

Tip of the Day: Local R80.x API Documentation 

Speaking of the API, if you have access to your management station, you always have the documentation for the API available. 

 

Issues Restoring Gaia Backup in R80.10 JHF 70, 79, 85, 91 

A good reason to upgrade to JHF 103, which is now GA! Take_103 JHFA is now GA. Do not install Take_91.

 

GAiA WebUI not working with latest Chrome browser 

With an updated fix...and it's even in the SK now

 

Pablos Holman: Inside The Mind of a Hacker (Excerpt) 

This was one of the best talks we had at CPX360, and we finally made the video available! The above is an excerpt and contains a link to the full video.

 

Difference between HTTPS Inspection and Categorize HTTPS websites settings

This has been covered on CheckMates before, but it comes up with new members.

 

Can someone advise the way to get future Release Notifications automatically? 

Yes, you can

 

Introduction to RESTful APIs and JSON format 

If you've never used REST APIs before, here's a nice introduction along with how it translates to mgmt_cli.

 

Upcoming Events

Here's what's coming up in the next few weeks:

 

It seems crazy, but it's been a year since we started CheckMates. 

And yes, we are going to have a party to celebrate.

As part of this, we are going to give out a few awards, Oscars style, with a video to announce the winners with special guests.

 

During my last visit to Israel, I sat with Amit Sharon and Moti Sagey and we came up with a couple of categories that we will solicit nominations for:

  • Post of the Year
  • Member of the Year
  • Check Point Feature of the Year

 

I would love to get additional ideas from the community for award categories.

Think of it as an RFC (Request for Categories)

From among the submissions, which should occur as comments to this post, we will choose a few to include in our list above.

Next week, we will begin soliciting for nominations in each category.