Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

• CheckMates in Russian - ЧекМейтс по-русски
• CheckMates en Français
• CheckMates Taiwan論壇

Let us know if you want to have it in your native language as well.

CheckMates Live, Midwest Edition

This past week, I did three live events in Omaha, Des Moines, and Kansas City!

Of the three, the Fishtech office in Kansas City was the most impressive facility, complete with an AV crew:

And classic cars!

Community Highlights

Switch or Cable between ClusterXL members for the sync network? 

A nice "best practices" question. There's reasons to do both. See also the following thread: Check Point Clustering Query 

NAT Rules and fw tab 

Nice little command to print the NAT rules currently installed on the Security Gateway.

CCSA/CCSE certification study material at CP community

We don't have this yet, but would love to see this develop!

[tool] - https://tcpdump101.com 

First noticed on CheckMates in Retenir les commandes FW Monitor, Sean Murray-Ford posted about the tool in English and has already received a lot of great feedback.

R80.10 Security Management Performance Tuning Guide 

This long-overdue guide is now available! Hope we'll see one for R80.20.Mx soon.

VM specifications for the R80.20.M1  

We haven't published official specs for this yet, but there is some guidance in this thread.

Firewall priority queues setting 

More performance tuning education by Timothy Hall. Yes, we are planning a TechTalk on this. Stay tuned!

Activate bashUser via script on a Embedded Gaia device? 

Can be generalized to run any command on an Embedded Gaia (SMB) appliance using cprid.

R80.10 - Apps do not run on all services 

Pro-tip as you're moving your gateways to R80.10.

Check Point Diagnostic Console (cdc)  

A fork of Danny Jung's Common Check Point Commands (ccc) script.

Management API Changelog is now available 

Will be included in future releases as part of the on-device documentation as well.

New to Check Point Scripting - Where to start from? 

There are many ways to "script" in Check Point. 

MOTD after C2S VPN established 

You can run a post-connection script on the client to show a message.

Upcoming Events

• 5th October 2018: Migrate to R80.20.M1, Live in Paris!
• 24th October 2018: Migrate to R80.20 Live in Moscow! 
• 24th October 2018: TechTalk: CloudGuard for AWS - Security Transit VPC Demonstration