Skip navigation
All Places > About CheckMates > Blog > 2018 > October
2018

 

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

 

CheckMates in Russia

While I took a week off the road to enjoy fall in the Pacific Northwest, Valeri Loukine did a CPX in Russia followed by one of the largest CheckMates events we've had to date! 

And oh yeah, it was Val's birthday, too!

 

 

Image may contain: 1 person

 

 

Next week? Valeri and I will meet in Denmark for a couple of events.

 

Community Highlights

Meanwhile, here are the conversations worth watching in the community:

 

R80.20 - Portable SmartConsole + Tips and Tricks 

If you want to have multiple installations of the same "version" (but different build) of SmartConsole, Portable is the way to go.

 

Identity Collector Exclusion List 

What happens when you "include" versus "exclude" or leave those blank?

 

Strange Firewall logic for DHCP discover packets 

Handling of an IP of 0.0.0.0...

 

In VRRP cluster, IPSO-390 Voyager and 5600 Gaia R77.30 appliances together 

While you can't cluster these unlike appliances together, you can certainly use VRRP to minimize the downtime when switching over.

 

Python tool for exporting/importing a policy package or parts of it 

This has been updated for API 1.3 (R80.20 API).

 

How to switch to the new log viewer inside SmartConsole (and maybe get a little performance improvement) 

If you can't wait for SmartView to be the default log viewing experience, here's how to enable it now in R80.20.

 

R80.20 - new interesting commands 

I missed this in previous roundups of new posts related to R80.20.

 

VPN details using API 

It's not all there yet, but you can get some of the info.

 

Blocking Psiphon 3 R80.10 

Updated the thread with the latest guidance from R&D.

 

RulebaseExporter/RulebaseImporter 

Another tool to export/import your policy and objects from R80.x.

 

Blink - install Management Server with 1 step - is now available! 

If you want to do a quicker install of Security Management, here's how to do it!

 

How to Request an Evaluation License 

Updated instructions should work for everyone, including people who are not existing Check Point customers. 

 

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

 

CheckMates in España and North Carolina

Valeri Loukine brought CheckMates to our CPX in Madrid:

 

 

Meanwhile, I brought CheckMates to the Carolinas as part of a GenV roadshow:

 

 

Community Highlights

Meanwhile, here are the conversations worth watching in the community:

 

Vote for R77.30 support extension 

Support for R77.30 has been extended to September 2019 based on your feedback. 

 

Blocking the connection before final rule match: CPEarlyDrop 

Due to the column-based matching in R80.x gateways, it's possible to drop a connection before the rulebase is fully evaluated. This article explains this "early drop" mechanism.

 

R80.20  - new ClusterXL commands 

We've added some new commands to look at the state of ClusterXL in R80.20.

 

Using SNMP with SandBlast Network 

You can monitor the SandBlast Appliance with SNMP--here's how.

 

Do GEO location objects trump the IPS Geo policy? 

GeoProtection still works the same in R80.20 as it did in previous releases, but you now have the option to put countries in the regular Access Policy. For earlier releases, see: GEO Location Objects in Firewall Policy (with Dynamic Objects)

 

Difference between Session and Connection?? 

I cover this in my "Migrate to R80.20" talk I do in local user groups.

 

80.10 Management Server - 80.20 gateways? 

This will be supported soon...

 

The R80.20 #NoMouse Challenge 

Did you know you could use SmartConsole without a mouse?

 

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

 

CheckMates Champions in Israel

We brought CheckMates Members and Contributors of the Year winners to our headquarters in Tel Aviv to collaborate, meet with Check Point R&D, and of course show them the beautiful county of Israel! 

 

It was a pleasure to host you Heiko Ankenbrand, Timothy Hall, Vladimir Yakovlev, and Danny Jung!

 

 

And yes, this included a meeting with Gil and Dorit, who autographed a couple of items for Danny and Heiko!

 

 

Heiko Ankenbrand even made a little video about the experience: Thanks for Checkmates Winners Event  

 

Community Highlights

Meanwhile, conversations continued, despite an issue that prevented some of you from logging in during the week.

Here are the highlights:

 

Properly defining the Internet within a security policy 

This is definitely much easier in R80.10+ gateways where you can use the "Internet" object.

 

SmartConsole AD authentication  

Not natively supported, but it is possible to get working via RADIUS.

 

Article of the Week - Check Point Packet Injector 

Did you know we've had this tool for more than a year now?

 

R80.10 VRRP cluster: To hide or not to hide members ip? 

That...is the question.

 

Threat Prevention Meta Data 

Defines how severity, performance and confidence levels are assigned to new protections across various threat prevention blades.

 

R80.x Security Gateway Architecture (Acceleration Card Offloading) 

One of the sessions we had this week in Tel Aviv was the new acceleration architecture in R80.20, primarily in place to support the upcoming Falcon Accelerator cards (among other things).

 

Check Point For Beginners Lectures Series. Part 1 - The Architecture 

Basics on the Infinity Architecture.

 

Replacing a member in an Azure Cluster 

Works a bit different i public clouds, but it can be done.

 

R80.20 SecureXL + new chain modules + fw monitor 

You'll see a few new things when you start looking around in fw monitor and SecureXL.

 

Using Postman API development tool to experience SandBlast API 

Postman is a great tool for learning how to use the API, and now you can use it with the SandBlast API!

 

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

 

CheckMates in Paris

Valeri Loukine did an event in our Paris office this week.

Here's a brief video he recorded prior to the start of the event.

 

 

Community Highlights

Meanwhile we've had a lot of discussions  the past week.

Here's some of the highlights:

 

R80.20 Discussions

Highlighting the threads where R80.20 topics are being discussed.

 

Check Point for Beginners

For those who haven't been around quite as long as Valeri Loukine and I have, we have a brief history lesson: Brief History of Check Point Firewalls . There are also several videos on the subject as well:

More content will be posted here in the coming days/weeks!

 

IPS Analyzer Tool - How to analyze IPS performance efficiently 

Lets you see the performance impact of various IPS protections.

 

High Performance Gateways and Tuning 

Nice followup discussion to TechTalk: Security Gateway Performance Optimization with Tim Hall. See also: Show me yours 

 

Searching zero hits rules in R80.10 

You have to use the API to do it.

 

R77.30 to R80.10 upgrade/migration to new Smart-1?    

Migrate export/import is your friend.

 

ckpSSL ssl lib error 

This can happen when you're attempting to manage unsupported versions of Security Gateway.

 

Enhanced Threat Prevention System Query: Set a Column Profile to Match Your Log Query 

How to more easily see when Threat Prevention signatures get updated.

 

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed):

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

 

Community Highlights

Here are the top threads of the past week or so:

 

Check Point R80.20 is now GA

A few threads related to R80.20, which was released in the last week.

 

TechTalk: Security Gateway Performance Optimization with Tim Hall 

The "Super Seven" commands in all their glory. Discussion about and many questions answered!

 

Remote Access VPN in a Load-sharing Cluster Environment 

Here's a thread on getting it all working together.

 

Automatic Configuration of Appliance on boot 

There's a couple ways to do it, depending on if it's a physical appliance or a virtual one.

 

SMS lost connection to all 

SIC got out of sync and needed to be reset.

 

Security Gateway Inventory  

Script has been updated to capture MAC addresses of Security Gateways as well.

 

Install database process 

There is Install Policy and there is Install Database.

 

Mobile Access client options - general questions 

There are several options for Remote Access.

 

Maintenance actions that should be performed by admins 

Are you doing these things on your Security Gateways?

 

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!