News | CheckMates

Siva Vignesh in Management3 hours ago (Show more)

How does Cluster XL will respond if active device went Hang mode?

If my Active device went Hang mode, I guess the CCP Packets will not be send and now its State by device time to start initiating the CCP and take over the active device state but this is not normally happening, If the active device went Hang mode even then the secondary remains in statndy. Could you please explain why this strange things… (Show more)

1 reply1 new updateShow more activity

Günther W. Albrecht (to Siva Vignesh) 23 minutes ago (Show more Show less)

What do you see in CLI when issuing cphaprob state cphaprob -l list cphaprob -a if on the nodes? If the standby node does not get an update from the active node it will switch to active after a timeout is reached. See Advanced Technical Reference Guide (ATRG) for ClusterXL - R6x, R7x and R8x for details how a failover can be triggered.

Actions

daniel prestes in Logging, Monitoring, Reporting, and Event Analysis2 hours ago (Show more)

Logging policy rules usage

HI, I am trying to do a report which has the source, destination, service, action and rule ID as fields. I am having problems when I try to find the rule Id as a field because I only have these posibilities: Anyone know how to add the field of rule ID? What I am doing is a table inside the report. I know that I can do a filter of the logs… (Show more)

2 replies2 new updatesShow more activity

Tomer Sole

(to daniel prestes) 34 minutes ago (Show more Show less)

The show-package HTML reporter contains hit count. Show Package - Tool to visualize a R80 policy package over HTML pages

Actions

Juan Carlos in Management2 hours ago (Show more)

Automate Administrators creation on R80.10 SMS

Hello, I need to find a way to automate Administrators creation with RADIUS authentication on several Security Sanagement Servers. I don't want the RADIUS administrator to connect on each Security Management Server to creates the Administrators (he is not allowed to do that). I have tried to use the API but unfortunately I got the following… (Show more)

3 replies3 new updatesShow more activity

Marco Valenti (to Juan Carlos) 38 minutes ago (Show more Show less)

Indeed I have missed that part too early morning here so seems that is not supported on a sms sorry for that

Actions

Valeri Loukine

in General Product Topics3 days ago (Show more)

fw ctl zdebug - yea or nay?

31 total votes

15 comments1 new updateShow more activity

Valeri Loukine

(to Maarten Sjouw) 49 minutes ago (Show more Show less)

Any proper debug will show you that. Are you familiar with fw ctl debug tool?

Heiko Ankenbrand in General Product Topics6 days ago (Show more)

R80.x Security Gateway Architecture (Content Inspection)

Introduction This document describes the content inspection in a Check Point R80.10 and above gateways. Context Management Infrastructure (CMI) is the "brain" of the content inspection and use more different modules (CMI Loader, PSL vs. PXL, Protocol Parsers, Pattern Matcher, Protections and new in R80.10 NGTP Architecture) for content…

2 comments1 new updateShow more activity

Modified by Heiko Ankenbrand • 1 hour ago

Nofar a in Logging, Monitoring, Reporting, and Event Analysis3 hours ago (Show more)

export /var/log/audit/audit.log via syslog

Hi guys! Any idea as to how to export /var/log/audit/audit.log from R77.30 GW? Normally I would have done it with audispd, but it's missing from the GW. Thanks!

1 reply1 new updateShow more activity

Marco Valenti (to Nofar a) 1 hour ago (Show more Show less)

Have a look at this , probably is what you are looking for How to export syslog messages from Security Gateway on Gaia OS to a Log Server and view them in SmartView Tracker

Actions

Evgeniy Olkov in SandBlast Agent (Endpoint)20 hours ago (Show more)

Load a folder containing client installers ends with error (R80.20)

Hello. I am trying to use R80.20 for Endpoint Managment Server. But when I upload a package with an agent I got error. My system: Windows 10, DotNet FrameWork 4.7, all security updates. I have tried to upload the package from Windows 7, but have an other error (in attach). From the same PC I can use R77.30 management server. Agent uploading is… (Show more)

4 replies1 new updateShow more activity

Evgeniy Olkov (to Itamar Tubul) 2 hours ago (Show more Show less)

Logs in attach - logs - Google Drive For Windows 10. I am sure, I am an admin.

Actions

soni kumari in Policy Management6 hours ago (Show more)

Database revision control Question.

Is this possible to check which database revision control has restored on R77.30 ?

Bob Bent

in Management9 months ago (Show more)

Unified Policy Column-based Rule Matching

Under the hood in R77 the policy matching process for Application Control, anti-malware, DLP (Data Loss Prevention and NAT (Network Address Translation) is done using a column-based search process. In R80.10 this process is now used to match the connection against the unified policy. The resulting match is still the first rule to match from the… (Show more)

3 repliesShow more activity

Gaurav Pandya (to Bob Bent) 4 hours ago (Show more Show less)

This is really good feature. Is it automatically enabled? or we need to enable this feature?

Actions

Heiko Ankenbrand in General Product Topics17 hours ago (Show more)

R80.20 Release Notes

R80.20 release notes are available, no software yet:-( Link: R80.20 Release Notes

3 commentsShow more activity

Dameon Welch Abernathy

5 hours ago (Show more Show less)

My guess is this was released prematurely. The Public EA for R80.20 is still available and was updated 1 August 2018.

Actions

Dameon Welch Abernathy

in General Product Topics4 months ago (Show more)

Check Point R80.20 Production and Public EA

If you can't wait for R80.20 to be released, you can now participate in the Early Availability program. We offer both Production and Public EA versions. Production EA Who Qualifies for the Production EA program? We are looking for customers willing to deploy in a production environment and willing to work directly with R&D Existing working… (Show more)

26 repliesShow more activity

Dameon Welch Abernathy

(to Dameon Welch Abernathy) 6 hours ago (Show more Show less)

Looks like a new public EA was made available 1 August. Also, we are not currently planning to support the Accelerator Cards with the GA release of R80.20, so I have removed it from the above notes about what features are supported.

Actions

Luis Ramon Santiago in Management12 hours ago (Show more)

PSU on open server

Hi everyone. I'm begin with checkpoint so my knowledge about R80.x is little. I want to know if exists a way to calculate Power Security Units in R80.10 open server, with objetive to get a comparison vs appliance. Thanks for advanced !

1 replyShow more activity

Dameon Welch Abernathy

(to Luis Ramon Santiago) 6 hours ago (Show more Show less)

I assume you mean SPU (Security Power Unit). In general, we do not provide the exact formula used to calculate SPU. Your local SE should be able to help you determine the correct Check Point appliance for your environment.

Actions

Hugo van der Kooij in Logging, Monitoring, Reporting, and Event Analysis17 hours ago (Show more)

LEA field names for email

Hi, I am currently trying to wrap the syslog output of a Barracuda Email Security gateway into the Check Point. While I have seen the LEA fields document of 2011 it seem to me I am missing rather a lot as far as email is concerned. But I might just be missing them. It seems the "from" field works sometimes but not all lines are parsed… (Show more)

1 replyShow more activity

Dameon Welch Abernathy

(to Hugo van der Kooij) 7 hours ago (Show more Show less)

Here’s a more current version of the LEA fields doc… LEA Fields

Actions