Skip navigation
All Places > About CheckMates > Blog > 2018 > February
2018

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

And yes, if you want to find out about CheckMates Pro: Announcing CheckMates Pro! 

 

Community Highlights

 

What is the practical example to use Bridged Mode?  

Some good discussion about potential use cases for this feature. How are you using it?

 

Bandwidth limit per app /category 

How to confirm the limits you've set are working?

 

RAD kernel errors 

If you're having issues with URL Filtering, this is something to check.

 

Viewing Fan Status on non-Checkpoint Appliance 

For those of you using Open Servers...

 

Creating reports with tracking "per connection" 

Most of the reports in SmartEvent R80.10 are created "per session" instead of "per connection"...by design.

 

Can't connect to management server via smart dashboard 

This is a known issue that impacts fresh installation of R77.30 that occurred after January 24th. Details in this article.

 

Events tab in R80.10 removed? 

Some of the pre-built views in R77.30/NGSE SmartEvent aren't there, but they are easy enough to build or customize.

 

Supporting more Complex Passwords without using a RADIUS/TACACS+ Server 

One of those "bright ideas" I had that I decided to try out and write up

 

fw_runfilter_ex(ctx id 0): function does not exist -1 

If you are pushing a policy to more than one gateway at a time and these gateways have different Inspection Settings...you may run into this issue.

 

Running Management API commands from the R80 SmartConsole GUI - tips and tricks 

A few useful tips and tricks to keep in mind.

 

Upcoming Events

If you're coming to CPX360in Bangkok, CheckMates will be there

 

Meanwhile, our upcoming TechTalks include:

We will update this post with pictures and the like from CPX360 Asia in Bangkok!

 

Past events:

 

CheckMates will have a booth on the Expo floor and will run several breakout sessions as follows:

 

Wednesday 28th February 2018:

  • 13:30 - 14:00: Best of CheckMates: My Top Check Point CLI Commands - Moti SageyDameon Welch Abernathy
  • 14:00 - 14:30: vSEC on AWS cloud use case and best practices - Aaron Mckeown - Head of Security Engineering & Architecture Xero
  • 15:00 - 15:30: Adaptive Security Framework for Internet of Drones - Rohan Patil - Head of Operations, VISTA InfoSec
  • 15:30 - 16:00: Artificial Intelligence in Managed Incident Response - Ramandeep Singh- CEO, QOS Technology

 

Thursday 1 March 2018:

  • 13:30 - 14:00: Industrial Control Systems Use Cases - Mati Epstein - Check Point 
  • 14:00 - 14:30: Check Point R80.X Workflow, API and Automation Use Cases - Ekta Siwani - Senior Software Engineer QOS Technology
  • 15:00 - 15:30: Wait, Wait, Don’t Click That! Minimizing the User Factor as a Security Risk - Joshua Behar, CEO, Ericom
  • 15:30 - 16:00: L’Oréal vSEC Case Study - Jay Togarrati Infrastructure Manager, L’Oréal 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

Last week, the CheckMates team was in Las Vegas.

This week was mostly spent recovering.

However, the community is continuing to grow and expand!

 

How to get all the information about a deleted rule 

Another example of the power of the R80.10 API.

 

Inline layer question 

A good discussion of how packets are processed with inline layers in R80.10.

 

Inspection of Inter-Subnet traffic in AWS VPC using CloudGuard 

Some great stuff here on protecting resources within your VPC on different subnets with CloudGuard (vSEC) gateways!

 

Combining all interfaces in one bond, how bad is this practice? 

Vigorous debate in this thread. There's reasons to do it (and not).

 

Protecting AWS S3 Buckets with SandBlast 

Demoed at CPX360 Las Vegas, you can now protect your S3 buckets with SandBlast!

 

Docker Container Service Objects 

Integrate Docker Containers with the Check Point Security Policy via the API!

 

IP List Enforcement using Identity API  

Another way to block IPs without doing a policy installation, this time using the Identity Awareness API!

 

R80.10 IPS Best Practices Guide 

Finally published and will help you get the most out of IPS in R80.10!

 

Cloud Guard: Automated firewall Cluster Deployment with auto-scaling option 

Even if you're not using Azure, these scripts may help with the creation of cluster objects via scripting (as it's not something that can be done via the R80.x API yet).

 

Blink, anyone ? 

Have you used Blink to install a gateway in 5-7 minutes with jumbo hotfixes? Share your experiences! If you haven't, try today!

 

Great Series of Articles on SMB Devices

Günther W. Albrecht has produced a series of informative documents related to SMB devices that are worth having a look at:

 

Upcoming Events

If you're coming to CPX360in Bangkok, CheckMates will be there

 

Meanwhile, our upcoming TechTalks include:

At CPX360 Las Vegas, we made a big CheckMates-related announcement: CheckMates Pro!

 

The purpose of the CheckMates Pro program is to reward our most active community members.

This is tracked through the use of points that are awarded for taking actions consistent with being an active community member.

This includes, but is not limited to:

  • Originating content on CheckMates that people participate in (either like, comment, vote on, mark as helpful, etc)
    • You are given points for both originating the content and activity that occurs on it.
  • Tag content
  • Mark replies as helpful or correct
  • Follow a space or person
  • Share content
  • Being given badges/awards by other users

 

If you accumulate at least 250 points in a calendar year (tracked from the date you joined CheckMates), you can claim the following benefits:

 

  • A one year evaluation license where you can learn about the power of Check Point Infinity first-hand in your lab
    • This is an extended version of the "All-in-one" Eval you can request through UserCenter today, enabling the ability to use most Security Gateway and Management products.
  • A quarterly meeting with Check Point R&D on a topic area of your choosing

 

Terms and Conditions:

  • Must have earned at least 250 points per calendar year of membership on CheckMates.
  • Must reapply for benefit each year.
  • We reserve the right to modify the terms/conditions at any time.

 

If you qualify and wish to redeem this benefit, please email us at checkmates@checkpoint.com. Please include the User Center account # you wish to apply the benefit to. Requests can be submitted until April 1st

 

CheckMates was out in full force at CPX360 Las Vegas!

Many folks visited our booth:

 

 

And, of course, I was there:

 

 

Moti Sagey was also there presenting to our employees and partners:

 

 

CheckMates proper even made it to a general session, as did this guy FlatMoti:

 

 

That was a backstage shot, but FlatMoti even got on the general stage, thanks to Neatsun Ziv

 

 

We also had breakout tracks that we streamed live (schedule below)

 

Wednesday, 7 February 2018 in the Delfino Ballroom

  • 13:30 - 14:30
    • Best of CheckMates: My Top Check Point CLI Commands - Tim Hall
    • An Infinity Case Study: The Mississippi Secretary of State Experience - Russell Walker - Chief Technology Officer Mississippi Secretary of State 
    • Securing the Education Sector - Terry Hect - AT&T
  • 15:00 - 14:00
    • Deploying Check Point SandBlast Agent from Proof of Concept to Production - Joe Sullivan - Information Security Professional RCB Bank
    • Enterprise Security in the Cloud – The Benefits of Infrastructure as Code - DJ Schleen, Michael Trofi - 1US Holocaust Memorial Museum 

Thursday, 8 February 2018 in the Delfino Ballroom

  • 13:30 - 14:30
    • Cyber Race: Hacking The Giants - Oded Vanunu, Head of Products Vulnerability Research Check Point 
    • Security Infrastructure as Code - Kellman Meghu - Global Security Manager, Sycomp
  • 15:00-16:00
    • Artificial Intelligence in Managed Incident Response - Ramandeep Singh- CEO, QOS Technology 
    • Building your very own Check Point “playground" - Eric Anderson - Chief Technology Officer Netanium 
    • More Security is Less Security Or How HTTPS Blinds Security Architectures - Eric Crutchlow Security Engineer Check Point

 

Here's my makeshift streaming rig:

 

 

And let's not forget the biggest announcement: Announcing CheckMates Pro!

 

While not CheckMates related, strictly speaking, I couldn't resist sharing that Check Point ads will be showing up in airports near you soon!

 

 

 

It was fun, Las Vegas!

Next up for the CheckMates team: Bangkok!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

If you can't wait for the weekly update, we also post relevant threads to our social media accounts:

 

Community Highlights

While I personally took it easy after spending last week in Barcelona for CPX360 and prepping for CPX360 in Las Vegas next week, there was plenty going on here on CheckMates!

 

iPhone Real-time Push notification on Events 

This is something I wish were built into the product natively, but Keld Norman figured how to add it. Coolest "hack" I've seen in quite some time!

 

Show Policy in Smartview Web  

You can't view the policy in SmartView, but you can get a web-based view of your policy...

 

R80.10 - Hide behind many question 

An older thread that's worth highlighting as it comes up from time to time. Otherwise known as "many to fewer" NAT.

 

Problem accessing standby cluster member from non-local network 

Some detailed troubleshooting of this problem...and a solution!

 

Domain object failure in R80.10 (sk120558) 

If you have this issue and can't apply the relevant hotfix, there's a workaround in this thread.

 

How to disable SIP ALG inspection in a specific rule in Checkpoint? Also Could this be done globally, like Cisco ASA? 

Couple of different solutions offered here.

 

FW object rule report 

You can do this using Show Package Tool and the API.

 

Creating Firewall Rules per CLI 

Yes, this is possible since R80. Here's a few practical examples of how to do it.

 

Upcoming Events

If you're coming to CPX360in Las Vegas and Bangkok, CheckMates will be there

 

Meanwhile, our upcoming TechTalks include:

The CheckMates team was at CPX360 in Barcelona!

In fact, we even had a booth:

 

 

I even wore a tie for the occasion!

 

 

We also had some breakout sessions:

 

 

Timothy Hall had an awesome session that he will repeat in Las Vegas!

 

 

Tim really brought a crowd in!

(And yes, I was upfront sharing the photos to social media, as I usually do)

 

 

It was really great to meet various members of the community live and in person!

 

 

 

 

 

And because we were in Barcelona, we can't forget the tapas:

 

 

If you didn't make it to Barcelona, hope to see you in Las Vegas and/or Bangkok!