Skip navigation
All Places > About CheckMates > Blog > 2018 > August
2018

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

Let us know if you want to have it in your native language as well.

 

CheckMates Live, Midwest Edition

This past week, I did three live events in Omaha, Des Moines, and Kansas City!

 

Of the three, the Fishtech office in Kansas City was the most impressive facility, complete with an AV crew:

 

 

And classic cars!

 

 

Community Highlights

 

Switch or Cable between ClusterXL members for the sync network? 

A nice "best practices" question. There's reasons to do both. See also the following thread: Check Point Clustering Query 

 

NAT Rules and fw tab 

Nice little command to print the NAT rules currently installed on the Security Gateway.

 

CCSA/CCSE certification study material at CP community

We don't have this yet, but would love to see this develop!

 

[tool] - https://tcpdump101.com 

First noticed on CheckMates in Retenir les commandes FW MonitorSean Murray-Ford posted about the tool in English and has already received a lot of great feedback.

 

R80.10 Security Management Performance Tuning Guide 

This long-overdue guide is now available! Hope we'll see one for R80.20.Mx soon.

 

VM specifications for the R80.20.M1  

We haven't published official specs for this yet, but there is some guidance in this thread.

 

Firewall priority queues setting 

More performance tuning education by Timothy Hall. Yes, we are planning a TechTalk on this. Stay tuned!

 

Activate bashUser via script on a Embedded Gaia device? 

Can be generalized to run any command on an Embedded Gaia (SMB) appliance using cprid.

 

R80.10 - Apps do not run on all services 

Pro-tip as you're moving your gateways to R80.10.

 

Check Point Diagnostic Console (cdc)  

A fork of Danny Jung's Common Check Point Commands (ccc) script.

 

Management API Changelog is now available 

Will be included in future releases as part of the on-device documentation as well.

 

New to Check Point Scripting - Where to start from? 

There are many ways to "script" in Check Point. 

 

MOTD after C2S VPN established 

You can run a post-connection script on the client to show a message.

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

Let us know if you want to have it in your native language as well.

 

CheckMates in the OH!

Moti Sagey, #FlatMoti, and I did an event in Cleveland:

 

Moti then went to St. Louis for a local CPX event:

 

Meanwhile, I drove down to Columbus and did another CheckMates event:

 

Community Highlights

Meanwhile, the  portion of the community continues to roll along!

Here are the top threads and content for the past week:

 

IPS Ease of Use in R80.20 TechTalk 

Want to get a sneak peak of how we're improving IPS in R80.20? Check this TechTalk out! You can also watch recordings of our past TechTalks as well!

 

R80.20 – Integrating Google Cloud Account 

Another "How To..... " Videos by Yair Herling showing you how to integrate with Google Cloud Platform.

 

Security Gateway Packet Flow and Acceleration - with Diagrams 

Different visual takes on how traffic is processed by the Security Gateway, depending on what features are used.

 

postman_collection R80.20.M1 

Postman is a way to see how our API works, and we now have an updated Postman Collection for R80.20.M1 (which does have some API changes).

 

IPS Geo-Policy Whitelist by Domain Name 

Not currently supported, but it's coming and there's a workaround in the meantime.

 

How to use Identity Awareness Tags in R80.20.M1 

Requires R80.10 and above gateways.

 

SIC issue 

Tricky issue the community was able to isolate and fix

 

IPS Bypass 

How does this work? This thread explains it.

 

Eventia Log Parsing & R80.20 (M1) 

If you're ingesting syslogs into your SmartEvent, the following (updated) parser might be useful.

 

Check Point Security gateway freezes, crashes, or reboots randomly, core dump files are not created 

Someone's annotated experience with troubleshooting these issues with sk31511

 

How are you using the SandBlast API? 

Did you realize we have an API for SandBlast? How are you using it? 

 

fw ctl zdebug - yea or nay? 

Do you use fw ctl zdebug? Chime in!

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language? Sure!

Do not forget that while most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

Let us know if you want to have it in your native language as well.

Community Highlights

While Dameon and flatmoti enjoy their vacation, 

we are having a very busy week here at checkmates:

 

R80.x Security Gateway Architecture (Logical Packet Flow) 

Heiko Ankenbrand endlessly continues perfecting his popular article.

There is also a spin-out discussion:

 

How does the Medium Path (PXL) and Content Inspection work with R80 

were we deepen our understanding of Medium Path and related technological solutions. The newest painting by Heiko Ankenbrand definitely helps:

 

 

Security Gateway Packet Flow and Acceleration - with Diagrams 

That is yet another attempt to put packet flows on a chart or two. This one is based on official Check Point GW architecture diagrams. FW path, Medium and Accelerated Paths are presented separately, for better clarity.

 

 How to use Identity Awareness Tags in R80.20.M1 

Tomer Sole explains the new Identity tagging feature available with R80.20.M1 release

 

R80.10 Upgrade Guide and Best Practices - Slideshow 

This is another Tomer's hit (members only, sorry folks, you need to register to get here)

 

Block specific File extention 

we learn that R80.10 is needed for that.

 

Build Azure CloudGuard using Terraform

the title says it all

 

Checkpoint r77.30 cluster migration from hardware to VM 

We are discussing the most gracious ways to move a cluster into new environment.

 

Check Point Lightboard Series - SandBlast Mobile Architecture 

Must seen video about SandBlast Mobile

 

Oldie but goldie:

Danny Jung's document  is almost one year old yet still steering interesting discussion in the comments: Common Check Point Commands (ccc) 

Another classic diagram R80.x Ports Used for Communication by Various Check Point Modules is still getting lots of hits

 

 

Upcoming Events

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in local language!

 

Community Highlights

Here's some threads to have a look at from the last week or so:

 

My Top 3 Check Point CLI commands 

This thread is more than a year old at this point and it is by far our most viewed and contributed to thread on CheckMates to date!

 

Lightboard Series - Understanding the Shared Responsibility Model 

Another "How To..... " Videos from Yair Herling about 

 

NATs Issue 

Some basics on Network Address Translation covered in this thread.

 

Legacy DHCP 

If you're upgrading to R80.10 and using Legacy DHCP services, check this thread.

 

Questions around API and Monitoring 

The answer is a run-script API call, but you have to read the output. Or use SNMP.

 

 

Packet Mode, a new way of searching through your security policy in R80.10 

It's available via the API but it works a little differently than through SmartConsole.

 

Restart SMB WebUI process (HTTPD) 

More specifically this is about restarting the UserCheck portal, which works the same as it does on a regular Security Gateway.

 

CloudGuard SaaS GA, prerequisites and minimum quantities

CloudGuard SaaS is launching soon and now has it's own space on CheckMates!

 

ICMP-Proto added to Anonymizer 

This issues has been resolved in the latest App Control signatures. Make sure you update and install policy!

 

cpug.org or CheckMates? 

A bit of history of the two sites here.

Upcoming Events