Recent Posts

3 updates since last visit
Carlos Jara
Click to view contentWe have an issue and it's look like "Zombie entries in Identity Awareness tables cause connectivity issues". Zombie entries in Identity Awareness tables cause connectivity issues  How can I upgrade my version?
in Management
Lari Luoma
I know that inline layers are not supported for pre-R80 gateways, but can I even create them (for testing purposes) in R80 SmartConsole? It seems that only ordered layers are supported now?
in Policy Management
Arun Kumar S
Hello all,   Looking for a suggestion on the following.   Requirement: DLP policy enforcement for outbound SMTP Traffic to G Suite mail relay located on internet.   Setup: R80.10 Distributed setup HTTPS inspection not enabled.   Description: The Mail Relay is located at mail-relay.google.com as customer has a G Suite setup. We have enabled… (Show more)
in General Product Topics
Timothy Hall
Click to view contentAs mentioned in the article Revisions Management in R80.x, I do have an informal writeup I use when teaching CCSA R80.10 that helps summarize how R80+ Change Control and Revisions are handled for the inevitable questions that arise in class.  This document is a sprucing up of those notes complete with some new screenshots.   Absolutely no way…
in Policy Management
Ian Cahill
Hi,   I am looking for official documentation on using MDS and A/S Cluster together.  Is this available ?    thanks 
Erakul Siddharth S
Can anyone explain clear about NTP server in checkpoint, how it's getting synchronization with other server time?. Also Share the steps to proceed in GUI and command which used in CLI for clear understanding.
in Management
David Spencer
We have a custom site that we've created an access rule for all users to be able to access. However the page only partially loads. Looking into the logs show that the images used by the website fail to load, as they are being blocked because they are hosted on an external site (*.cloudfront.net) that isnt explicitly allowed.   I'd like to be able… (Show more)
in Policy Management
Jesus Cano
Hi,   I upgraded SMS (virtual) and gateways from R77.20 to R80.10. In SMS i did a clean install with migrate import.  The only doubt is about licensing. I didnt touch anything about licenses in R80 after upgrade was done, so i dont know if i should install/attach the licenses in R80.10 for SMS or GWs. So how can i know if the nodes are working… (Show more)
Jeff Ladd
I have been trying to get my MDS upgraded from R77.30 to R80.10. We run through the upgrade in a VmWare environment to test the upgrade prior to upgrading production, so this is still in my test environment.  My configuration is:  R77.30 T286, 4 CMA’s – 1 of which contains a VSX cluster.  Global policy is assigned to two CMA’s, and has only 1… (Show more)
Heiko Ankenbrand
Click to view contentUnder R80.30 it is possible to encrypt CCP traffic.  This is very useful to protect the cluster from manipulated CCP packets.  Therefore new commands have been implemented on the CLI for this purpose. The following description shows you how to enable CCP encryption. All settings you make on the CLI are permanently stored in the following file…
in General Product Topics
Jeroen Demets
Hi,   we have some CloudGuard gateways running in Azure and some Asian sites have issues reaching them...or the other way around. We can ping from appliances such as 730 models to servers in the encryption domain of the vSEC gateways but not the other way around. And then suddenly it works, and then not anymore. We tried permanent tunnels but it… (Show more)
in CloudGuard IaaS
Muhammad Ali
Hi All,   I have configured two Checkpoint Gateways using GAIA R80.20 and added both security gateways in the Full HA cluster. After configuring the sync interface when I have check the High Availability state using "cphaprob state" command both gateways are appearing as "Active". It is not displaying secondary gateway as "Stand by" gateway. Is… (Show more)
in General Product Topics
Miguel Barrios
Hi Checkmates!, please your help with the following question:   Sandblast (somewhere in the emulation process) can analyze links that comes within a .doc, .pdf, .xls files arriving through email attachment files (MTA) to detect if they lead to malicious sites or zero-day malware files?
in SandBlast Network
Load more items