Skip navigation
All Places > About CheckMates > Blog > 2017 > October
2017

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

 

CLI Help  

Starting points for using the CLI with Check Point products

 

Performance Impact of Prevent versus Detect with IPS

The answer to this question might surprise you.

 

TE-1000x Implementation Issue 

If you're having issues doing an initial implementation of your Threat Emulation appliance, there's some some solutions here.

 

Migrate Export Fails (R77.30 OpenServer) 

If you're having issues running a migrate export in order to make a backup of your configuration and/or prepare for an upgrade to R80.10, there's some tips in this thread!

 

Threat emulation for POP3 

Not something Check Point does currently, but it did net some interesting discussion.

 

Did You Know...

 

Each month we nominate a member of the month based on their contributions to the community?

We write a brief piece on the user and share it with the wider CheckMates community!

Last month it was Danny Jung and you can read that piece here: CheckMates Member of the Month for October 2017: Danny Jung

Who's next? I know, but the rest of you will have to wait a little bit longer

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Searching for Address Spoofing Logs in R80 

You need to use the free text search capabilities of SmartLog to find these entries, as described in this thread.

 

Number of connections depending on dst addresses 

There are a couple of ways to get the results, using the CLI and using SmartView Monitor.

 

SmartLog R80.10 NAT information 

Another helpful tip on finding information (this time on NAT) in R80.10.

 

Guest Ports opened for outbound Internet access 

Do you have a guest network? What do you allow your guests to do? Weigh in here!

 

 

 

Did You Know...

We have local user groups all over the world?

While we span the globe here online, sometimes it's good to get together in person to share ideas, ask questions, and learn what your peers are doing.

The complete list of local groups is available here: CheckMates Local User Groups  

We will share upcoming in-person meetings on CheckMates Live

The locale-specific groups are for region-specific conversations and sharing materials presented in the relevant local group.

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

Installing R80.10 on a 2200

You can definitely install R80.10 on a 2200--as a gateway only, though (not with local management).

 

Check Point Site-to-Site VPN Compatibility Matrix

If you've made a Check Point Security Gateway establish a VPN with a non-Check Point product, please share your experiences here to help the community!

 

ISP Redundancy with Hide NAT

If you're looking to utilize the ISP Redundancy feature along with Policy-Based Routing or NAT, have a look at this thread!

 

Problem with Proxy ARP

A nice thread where the community successfully troubleshooted an issue with Proxy ARP 

 

What information do we need from the remote site customer when creating site to site VPN? 

Danny Jung strikes again, providing a helpful worksheet you can use when setting up a VPN with a remote partner.

 

Did You Know...

 

You can respond to the emails you get from CheckMates to update a thread?

 

Some of you are clearly using this feature, and it's worth repeating this tip again and the associated warning: make sure if you use this feature, your email response doesn't include any signature information or it will be posted along with your messages! I've edited a few messages to remove this information.

 

Unless you've disabled email notifications on your account, which you can do here, you should get an email for new responses on a given thread or content you have chosen to follow, which you can do from the Actions menu:

 

 

When you get the email, it will look something like this:

 

Simply respond to the email like you would any other:

 

 

Your email will appear in the relevant thread as a reply to the comment you are responding to:

 

 

A word of warning: Make sure to disable your email signature on these emails as they will be included in your post to CheckMates. You may not want that. 

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Check Point is proud to name it's CheckMates Member of the Month for October 2017. Please join our volley of applause for Mr. Danny Jung!

 

The October CheckMates Member of the Month is Danny Jung, CTO at Check Point Partner ESC. Danny is a Check Point Know-it-all who loves sharing his knowledge with others. He has been one of the strongest contributors to the community providing advice to fellow members and actively engaging in technical conversations to learn more and stay on the cutting edge of (Check Point) security. Many thanks to Danny for his contributions and participation to help make CheckMates an educational, informative and engaging place to visit!

 

At his day job, Danny lives his dream and shares his passion for all things security. He leads a team of IT-Security specialists, focuses on technical consulting and coordinates meeting customers demands. Danny reviews security infrastructures, evaluates security risks and provides recommendations to customers. He also designs and installs security solutions together with his team to ensure proper implementation with best practice methods always seeking one goal: Customer satisfaction for long-term customer relationships.

 

Deeply familiar with Check Point products, Danny has been working with them for more than 15 years. As part of his on-going commitment to customer success, he is actively engaged in dialog with Check Point via the Check Point User Group (CPUG) and now CheckMates.

 

In his spare time Danny enjoys spending time with his kids Anton & Elly, explaining and exploring this world with them together with his lovely wife, Stefanie.

 

On behalf of CheckMates, we thank Danny for sharing his valuable knowledge with us! We are eager to see the next one to learn from, share with, and inspire other members!

 

Danny, tell us a little about yourself & what you do

I'm CTO at ESC, a Check Point 3-Stars Partner in Germany and co-leading a great team of security specialists and experts.

 

I enjoy doing technical pre-sales, security reviews and consultancy, design, architecture, optimizations, implementations, migrations, upgrades and support. I also do other security vendors, although on a lesser scale. I write technical articles for CheckMates, CPUG and techblog.esc.de and provide technical workshops teaching about IT-Security. Aside from my day job I'm a loving father and husband.

 

Tell us a little about your experience with Check Point

I'm working with Check Point ever since I started to work in IT-Security in 2002. I've assisted Check Point customers developing their IT-Security infrastructures throughout the years, scaling from local mid-sized customers to global top-tech companies. Besides training others I've also attended many Check Point events and workshops to train myself, even together with Check Point's Professional Services Team. I've helped develop Check Point exam questions several times and I'm certified with Check Point's top-level certifications: CCSM and CCSI.

 

Mikael Johnsson once told me at a Check Point Train-the-Trainer session that he is fascinated by how passionate I am. Thanks, I'm doing my job full-heartedly.

 

Do you have a unique deployment of a Check Point product?

My company is a RIPE NCC member, working with its own public IP addresses that are routed across the internet via BGP. Check Point considers our BGP routing implementation a reference installation in Germany. I think this is quite unique.

 

What do you use the CheckMates platform for?

Sharing experience, learning new things and staying in touch with other experts is very important to me. CheckMates is a great place where all this comes together. I enjoy discussing with Check Point professionals and even Check Point's own product specialists so directly. I'm always delighted when Check Point marks my comments and solutions as 'helpful' or even more as 'Correct Answer'.

 

Moti Sagey's "You Sir are awesome!!" responses in regards to my ccc script thread and my 1400 Appliance FAQ simply blew me away.

 

What do you like to do for fun? (Hobbies)

I really enjoy having a good time with my family. Hearing my kids laughing and giggling together means everything to me. I'm also having much fun when I'm able to help others with computer related tasks while I also enjoy nature and music, collecting memories, finding alternative solutions and just having a great time on earth.

 

If you could create any new technology right now, what would it be?

It would be a digital table with touch capabilities that is affordable for everyone. This would enable families to play games in a new form, enjoy photos and videos together, edit, tag and share them with each other, talk to distant family members and so much more. It would offer a completely new way to explore, learn and enjoy new things. I'm not talking about an upscaled iPad or Android Mobile, as this already exists. I really mean a new interface of connecting people together on the same table.

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

If you can't wait for the weekly update, we post relevant threads to our social media accounts:

 

Community Highlights

Here are some highlights from the week's activity on CheckMates:

 

First packet isn't SYN 

This is something you can see in the Firewall logs often. There are a few different causes of it, as explained in this thread.

Can we configure cluster between 5400 and 5600 appliances? 

While we used to allow this back in the Nokia IPSO days with VRRP, this was never a good idea and is not allowed with ClusterXL today. Clusters must contain members with the exact same hardware. 

 

Management behind NAT 

Yes, you can do this, but it requires a couple extra steps.

 

R80 PowerShell Module 

Great work by Tim Koopman on continuing to iterate this PowerShell module for interacting with the Check Point R80 APIs!

 

Threat Prevention policies after R77.30 to R80.10 migration. Is it correct? 

There is a significant difference working with IPS Profiles in R77.30 and earlier versus how it's done with R80+. This thread details how it works and why.

 

Did You Know...

 

Each week (by default) you should get two emails from CheckMates:

  • Weekly summary of community activity
  • Activity from those topics or users you are following.

If you are not following anyone or any particular topic, these emails look exactly the same.

You are, of course, welcome to click on the "Unsubscribe" link at the bottom of these emails, which will disable all emails from CheckMates.

What you might want to do instead is change the reasons and frequency of the emails by going to your preferences: https://community.checkpoint.com/user-preferences!input.jspa 

From here you can set which emails you get when:

 

See also this short video on the subject: Set Email Notification Prefs in CheckMates

 

Upcoming Events

Our upcoming events in the next few weeks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us: