Skip navigation
All Places > About CheckMates > Blog > 2018 > January
2018

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

We had some great talks in our CheckMates tracks at CPX360 in Barcelona this past week, recordings of which we will make available at a later time.

I also met many CheckMates members in person, including Pascal Aebi who did something cool with the backpack that everyone at CPX360 got:

 

 

Meanwhile, here are a few cool threads that happened this past week on the Community:

 

Anonymizer matches all traffic 

A great use of inline layers in R80.10 to restrict the ports specific applications might allow.

 

Exporting data from SmartConsole: How do I select columns? 

Another great tip from Tomer Sole

 

In which cases would you use VSX? 

If you're considering using VSX, this is a good thread to help you decide if it's the right approach or not.

 

ClusterXL on Take_70 does not function properly 

If you're on the bleeding edge, take note of this issue. 

 

CMA IPs not responding to ARP broadcasts 

If you have Cisco VXLAN in your network and have MDS, you might have an issue with ARP. Turns out to be a Cisco bug of sorts.

 

Upcoming Events

If you're coming to CPX360in Las Vegas and Bangkok, CheckMates will be there!

 

Meanwhile, our upcoming TechTalks include:

Check Point is proud to name its CheckMates Member of the Month for January 2018: Gaurav Pandya

 

A network engineer turned security engineer, Gaurav both manages and helps others manage their Check Point firewalls. CheckMates has been a valuable tool for him to learn more and share what he's learned with others.

 

Gaurav, tell us a little about yourself & what you do

I have overall 9 years of IT experience. I started my career as a Network Engineer and then moved into the Security domain – Firewalls (Mainly Check Point) and Proxies. We provide Check Point firewall support for various customers and some of them are managed customers. I'm personally responsible for new implementations, upgrades, and troubleshooting of Check Point firewalls. I also perform configuration and troubleshooting of Cisco and Extreme switches.

 

Tell us a little about your experience with Check Point

I have started to use Check Point from the R65 release on SecurePlatform (SPLAT). I have worked with R70 & R77 versions in SPLAT as well as GAIA. I have done new Implementations and Upgrades for many customers, IPS signature review, and other updates according to customer requirements. I like the new version R80.x, especially the automation capabilities. It has great features with a unified console. I have migrated some customer’s database from R77.30 to R80.10.

 

Do you have a unique deployment of a Check Point product? 

I came across a new requirement of POC of NAT64, which I had not done before. I did it in my LAB and successfully completed a customer POC. I also got support from Dameon Welch Abernathy. See the thread here: IPv6 with Checkpoint R77.30 

 

What do you use the CheckMates platform for? 

Whenever I login to CheckMates, I am learning something new as people are asking questions, doing troubleshooting, and giving tips and tricks which is very helpful. I started to share my thoughts and ask questions which I have faced. It is really great platform!

 

What do you like to do for fun?

In my free time, I play Cricket with my friends and listen to light music, which is relaxing. Sometimes I also read technical books in spare time.

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Highlights from the past week includes:

 

List of different IP addresses to be blocked 

There are many different ways to block a couple hundred thousand IP addresses...without typing them in!

 

How to troubleshoot an app drop with the extended log options 

Great troubleshooting tip here from Tomer Sole

 

Multiple VPN - MEP 

How can I setup a primary and backup S2S VPN tunnels 

Different approaches you can take when you're trying to do multiple VPN paths...depending on whether or not the remote end is Check Point or not.

 

Script for basic configuration capture from bash CLI 

Another great script from Eric Beasley that's useful to document your existing OS configuration.

 

How to test the Management API with the Cloud Demo 

Tomer Sole is on fire with the tips this week, this showing you how to test our R80.x API without having to stand up your own manager to test it!

 

Report for unused objects on R77.30 SMS 

 

While there is an easy way to get this information in R80.10 (See Unused Objects Cleanup), it's a little more challenging in R77.30, but possible, as this thread describes.

 

Policy Installation Stages 

Ever wonder what some of the messages you see during policy installation means?

 

Upcoming Events

If you're coming to CPX360, CheckMates will be there!

Meanwhile, our upcoming TechTalks include:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Highlights from the past couple of week include:

 

Improve AD Query to Limit WMI Service impact

Great tip from Simon Drapeau on how to make ADQuery work a bit better if you can't migrate to Identity Collector just yet.

 

Drive Mapping with Mobile Access SSL VPN

If you want to map user drives using Mobile Access Blade, check out this tip from Gaurav Pandya!

 

Migrating R75 Management Server to New Release 

R75 has been end of life for a while now. If you're still there, this thread will be helpful to get you to a more recent release.

 

Revisions Management in R80.x 

Yes, it works a little differently in R80.x than it did in past releases. This topic keeps coming back up.

Interfaces based Policies to Zone based Policies 

Zone based policies are a new feature in R80.x. Should you convert to them?

 

 

Did You Know...

You can unsubscribe from the periodic emails sent from the community by following the steps here: How to Unsubscribe from Emails from Community 

 

Upcoming Events

If you're coming to CPX360, CheckMates will be there!

Meanwhile, our upcoming TechTalks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us:

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Highlights from the past couple of weeks include:

 

Clone System to create hot spare management 

This discusses the process and licenses needed to do this (depending on your target).

 

Blink - Full gateway installation in 5 minutes 

Image appliances complete with Jumbo Hotfixes installed...fast!

 

TechTalk: Migrate to R80.10 and New Years Toast 

This has been a much requested topic that I've covered in local CheckMates Live events, now as a TechTalk you can watch anytime!

 

Threat Emulation blade not communicating 

There's some helpful troubleshooting hints in this thread you should try.

 

About protocol detection 

If you're curious about how we detect applications and protocols, there is some discussion in here.

 

Did You Know...

You can unsubscribe from the periodic emails sent from the community by following the steps here: How to Unsubscribe from Emails from Community 

 

Upcoming Events

We are scheduling CheckMates Live events for 2018...we'll share here once we have some confirmed dates and locations.

Meanwhile, our upcoming TechTalks include:

 

Feedback

We would be delighted to hear your feedback! Here are a few ways you can share it with us: