I am new to 80.10. When looking at reports I am a little lost on creating one. I would like to capture and have a report that details all application data.
What was the outcome of a vulnerability in Parity’s Ethereum wallet software? What have security researchers found out about an adware called Stantinko? How did a security incident lead to the modification of the DNS records for 751 domains that redirected victims’ traffic into a malicious site? Read all about the top attacks, vulnerabilities and…
Hello, we are planning some changes to our Internet firewalls. I would like to know how to check and change the default reference bandwidth used by OSPF calculations. 1) What is the default reference bandwidth used by checkpoint OSPF calculations? How can I verify this? 2) How do I change the reference bandwidth?** *We are on R77 **I am…
Generally speaking, disabling "out of state" checks is not recommended. However, it is sometimes useful in certain situations. In the distant past, it required a policy installation to change this configuration, but it's possible to enable/disable these checks "on the fly," at least temporarily. Refer to the following SK: How to enable/disable…
Hi, I'm trying to upgrade Management from R77.30 (with Add-on package) to R80.10. I have a fresh installed R80.10 management and I'm trying to do a migrate import of the file exported from the original management with R80.10 pre-80 upgrade tool. This procedure fails in the "Importing files..." step. The error produced in the migration log…
In case you have missed, Check Point has recently published new documents describing debug details for GW kernel modules, CoreXL and SecureXL. You can look those up on SecureKnowledge. Or just use direct download links from here: CCMA's blog: R80.10 debug documents are now public
Just had a fun geeky conversation with Dameon Welch Abernathy (AKA Phoneboy), Jony Fischbein, Jeff Schwartz and Michael Poublon (over 100 accumulated years of experience in Check Point products), on what are our favorite & most useful commands in a Check Point environment. Below are my 3, plz add yours in the comments (we will do a poll for the…
My favorites for security gateways: cphaprob stat to see the status of high availability; clusterXL_admin up/down to force the cluster node into a particular state (good for forcing failover in a healthy cluster so I can do work on a node); vpn tu to see IKE/IPSEC security associations, and remove expired ones from gateways that burped. Some…
So I can follow an incoming syslog message all the way into SmartEvent. What I cannot do however is create a report filtering specifically for syslog because the blade does not show up for selection, consequently it does not show up in log view either when trying to select a specific blade for filtering on?? Has anyone encountered/found a…
R80.10 enables security administrators to work on the same policy at the same time. But what happens if a project needs to be finished and the security administrator is not available to do so? R80.10 Session Take Over feature allows for other security administrators to finish the work already started.
It is not uncommon for someone to not be able to come to work. This could hinder some projects that are due right at that time. With R80.10 Session Take Over, it is possible for you to take over the work of other security administrators when needed. Interested in how to do this? Watch the video below. Please let us know if there are other…
Hello guys! I prepared a SNORT rule to drop DoS tools patterns like traffic, the rule is working fine, can you tell after how much time will the FW send the IPs attacking the network after matching the rule? Or is there a way to put in the snort rule a way like send to sam or not? Because I know that for snort there is snortsam a plugin…
Hi Team, My name is Marcos and I would like to find the most efficient way to analyze the drops recorded at the CheckPoint logs (SmartLog R77.30). This way I can identify if there are valid communications that need to be allowed in our network or if we may need to contact the source of these drops to stop sending not permitted packets. I hope…