Checking out this place already is a very good point to start.

As you are missing experience, you could set up a test lab for trying out things before you perform any changes on your production environment. Also I strongly recommend attending a CCSA/CCSE training course at your next ATC to get back on track.

I've put together the following ressources you might find useful :

Check Point Support Resources - Top 10

Check Point Support Tools - Top 10

Check Point configuration mistakes - Top 10

Common Check Point Commands (ccc)

HowTo Set Up Certificate Based VPNs with Check Point Appliances

Make sure the Management Server is backed up 6 ways to Sunday and store it in 3 different locations!!! Gateways can be replaced, thousands of network objects and 1000 rule policies are slightly more challenging to get back if lost.

This SK goes over backup/snapshot/export and what you get with each.

Best Practices - Backup on Gaia OS 

If the former admin is not willing to share any information, the company should sue him - they will have to spend much money to keep the installation securely working...

I don't want to say items double, but for me this is most important:

CHANGE ALL ADMIN/ROOT PASSWORDS, delete local user accounts and start creating a network diagraph of the whole infrastructure.

Look for users that can be deleted in Check Point SmartCenter or Multi-Domain-Managent - especially the one of the former admin.

Try to get in contact with your Check Point Sales and Check Point Sales Engineer.

They can help you with general Check Point problems.

Try to get administrator and primary contact of your companies Check Point User Center Account and kick all other users or reduce their rights to a minimum  - especially the one of the former admin. The usercenter account has all our Check Point licenses. They should not fall in wrong hands.

Try to find out which support contract you have with Check Point. I urgent cases Check Point support can help to solve issues - depending on your support level.

The rest was already said...

Good luck!

One thing not listed in the great responses above is to really understand the rulebase. Why are some of the rules in place, and how is the rulebase structured? If you had to add a new rule, would you know where to put it and what all the existing rules/objects mean? I've taken over for other admins or joined teams before, and really understanding a complex rulebase can take some time. 

To expand more on one of the comments, definitely spend time with your Checkpoint SE and/or your VAR SE, as they may have some good information about how your company is working or why they are doing certain things. Maybe you don't have IPS enabled because it broke something when the former admin tried - they may know the answer.

Check and remove all unnecessary local users on GW as well as on Mgmt aside with just changing admin password mentioned above

As a general suggestion from Support perspective, make sure you have an inventory with all your Check Point appliances (Mgmt + GWs) and try to have these details handy:

- Hostname

- Version

- Enabled SW blades ('enabled_blades' command)

- Custom hotfix level, if any special hotfixes (cpinfo -y all... this will come in handy when creating cases with support)

- Jumbo Hotfix level on each appliance ('installed_jumbo_take' for R77.30 / 'cpinfo -y all' for R80.10)

- IP address/mask

- MAC address (needed for RMA purposes)

- Service contract dates

You can also log into your UserCenter account and check any previous tickets that were created for any of those appliances, this may give you a good understanding of the general issues (if any) that previous admins have experienced.

Have a good backup policy (save configuration/backup/mds_backup/snapshot, anything... everything!!). Very important - Get the backups out of the appliance)

Make sure you have enough disk space on appliances (df -h), specially log/mgmt servers.... if you have SmartEvent, check here too.

If you want to go one step further, you can even run the health check script from sk121447 on each appliance... very easy to do, and it can get you a starting point to see your devices' current status.

Ultimately, make sure you have supported/upgraded versions everywhere... lots of enhancements and new code have been added to the latest releases:

sk106162 - R77.30 Jumbo Hotfixes

sk116380 - R80.10 Jumbo Hotfixes

As some people already mentioned, change passwords/users. I cannot stress this enough

You can also run something like "top" on each appliance just to get an idea of how much load it's handling, potentially identifying any device that's constantly at more than ~ 60-80% CPU usage during business hours (may need further review to understand why, or may even need to be replaced with a more powerful unit if it's handling too much load all the time)

Hope this helps!

maybe just to add to the topic - one more thing to start learning when you inherit such estate ...

- get to know your network and infrastructure surrounding Check Point products

- absorb how routing and switching is working with appropiate vlans and virtual devices all around

- get to know how your policies control traffic flow around your gateways

- as well as get to know what is the performance of your estate and what resources runs on each box - do little audit mate what have you got left memory, cpu and disk space wise (df -ahl) and run on each box cpview (new tool) in order to see what have you got inherited in a real life scenarios.

hope it helps  

Jerry

One more thing:

Try to find out if your company has to comply to specific regulations like PCIDSS, SOX, ISO, HIPAA, Basel, NIST etc. pp. and check if your network and all what belongs to the network is compliant.

Dear All,

I wish to thank you all for your contributions with regards to the question above.

I have officially taken over the position.

Regards

Maybe one more thing from my side. It was already mention above that it is good to have inventory list with device names, SW version, support, etc.

I recommend also to check hardware status itself. If is still good enogh and compare it with Support Life Cycle Policy 

It is good to be prepared for ring on bell that the renewal is already needed or will be need soon.