This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help

The CheckMates Blog

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
The CheckMates Blog

Here's where we let you know what's going on with the CheckMates Community.

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!

This Week in CheckMates 26 November 2018

PhoneBoy
Admin
Admin
‎2018-11-26 08:00 AM

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed😞

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

CheckMates in Frankfurt and Athens

It was Thanksgiving this past week in the US, so I took a break from the shiny metal tubes and CheckMates events.

Meanwhile, Valeri Loukine‌ packed them in at Frankfurt and Athens:

Amit Sharon‌ and Niran Turgeman‌ also joined Valeri Loukine‌ in Athens!

Community Highlights

Meanwhile, here are the conversations worth watching in the community:

 

Call For Papers CPX 360 2019 

Last week to submit for our CFP for CPX 360! Got something to tell the Check Point community live and on-stage? We'd love to hear from you!

How do I add SecureGateway to Cisco ISE 2.4 using RADIUS? 

A solution eventually came Smiley Happy

SmartConsole Scripts Repository usecases and experience 

Related thread: Proper place to put custom scripts 

Access layer policies 

How ordered layers work

R80.x Performance Tuning Tip – Multi Queue 

Sometimes you need to bring in the heavy guns. See also: Open Server - HCL for multi queue network cards 

R80.20/R80.10 MTA now includes AV blade features 

Update your MTA in CPUSE to get the benefits!

Extract a policy from 77.30 and move it to 80.10 

I think we cover all the possible ways here Smiley Happy

Sandblast and .msg attachments  

Yes, they're supported.

FQDN and Domain Objects in R80.10 when DNS server fail? 

Good things to know and tables to review when troubleshoot.

https://community.checkpoint.com/docs/DOC-3362 

Just like it says Smiley Happy

Upcoming Events

Read more
31 0 4,984

This Week in CheckMates 19 November 2018

PhoneBoy
Admin
Admin
‎2018-11-19 08:00 AM

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed😞

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

CheckMates in Florida and Prague

The problem with being a one-man show sometimes is you don't always get pictures.

In case you need proof I was in Florida, though:

Meanwhile, Valeri Loukine‌ had a good crowd in Prague:

Community Highlights

Meanwhile, here are the conversations worth watching in the community:

Call For Papers CPX 360 2019 

We've extended our CFP deadline to 30th November. Got something to tell the Check Point community live and on-stage? We'd love to hear from you!

*New* Splunk App for Check Point Logs 

Announcing our new integration with Splunk that leverages Log Exporter.

Mac OSX 10.14 Beta (Mojave) 

There's an EA available for this now that you can sign up and be a part of!

If you are tired typing netstat -nr | grep ^x.x.x.x 

Many ways to get the same information.

Kernel global parameters - the most useful settings 

What kernel parameters do you tweak?

Nested layers 

Something we don't currently support, but you can sort of emulate with the existing layers.

Data Center Objects not updating - force refresh? 

How to debug this issue.

Traffic is originating from a VS with the VSX internal communication address 

Not something you want to see.

R80.20.M1 to R80.20 Upgrade 

The procedure has been released but we are also still rolling out the code. 

Management HA: Member in Collision Status 

Always good to make sure your management servers are running the same jumbo hotfix.

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!

Read more
22 0 7,263

This Week in CheckMates 12 November 2018

PhoneBoy
Admin
Admin
‎2018-11-12 08:00 AM

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

 

CheckMates in Kiev and Jacksonville

This week, Valeri Loukine‌ was in Kiev doing our first event. 

Have to say, I'm jealous: it looks like a nice facility!

Meanwhile, I was in Jacksonville, Florida with Adam Forester‌ talking about the API:

Community Highlights

Meanwhile, here are the conversations worth watching in the community:

https://community.checkpoint.com/community/about-checkmates/blog/2018/09/12/call-for-papers-cpx-360-... 

CPX 360 is coming up. Got something to speak about? We'd love to have you!

Invitation to join a new EA program for HTTP/2 inspection 

Need to inspect the next generation of HTTP? This would be a great Early Availability program to be a part of!

Gateway behind NAT. What limitations am I to be aware of? 

My guess is this is more common of a configuration than we think.

HTTP Daemon (Multiportal) on HA Standby device (R80.10 build 421) 

If you're not able to get to HTTPS on the standby device, this is a quick thing to check.

Bypassing IPS Protections - MySQL 

There's a couple ways to exclude certain protections from inspection on certain hosts.

Disable "Local interface address spoofing" 

This comes up when you run a Security Gateway with a mirror port.

 

A neat idea, but we've got a few of these already (and they're linked here).

Migrating policies from standalone gateway to new management server 

Hopefully we'll have a better solution for this problem in the near future. In the meantime, there's this.

Hide NAT issues with virtual addresses 

Don't forget Layer 2 when you NAT.

R80.20 Managing R80.10 Gateway - CPU Increase 

Curious issue where we did find a bug with SecureXL licensing on Open Servers.

https://community.checkpoint.com/docs/DOC-3321-r80x-performance-tuning-tip-smt-hyper-threading 

This applies to R77.x as well on Check Point appliances.

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!

Also, note the upcoming Techtal

Read more
29 2 10.4K

This Week in CheckMates 5 November 2018

PhoneBoy
Admin
Admin
‎2018-11-05 08:00 AM

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed😞

CheckMates in Your Language!

While most of the content on CheckMates is in English, we now have a few groups where both content and discussions are available in other languages! 

CheckMates in Denmark

Valeri Loukine‌ and I joined forces this week to do two events in Denmark: Hellerup (near Copenhagen) and Skanderborg!

(Oh yeah, and FlatMoti too!)

Thank you Inga Nielsen‌ and Niels Poulsen‌ for hosting us!

Community Highlights

Meanwhile, here are the conversations worth watching in the community:

RulebaseExporter/RulebaseImporter 

Uses the API and JQ to process the output. A bit faster than just using the API to do it.

Upgrade from R77.30 to R80.10 via CPUSE 

I do this live all the time in User Group meetings, but it's nice to see a video of the process as well. 

 

Pretty sure I know what the community thinks about this

Firewall rule from remote users to site-to-site network 

Chaining VPNs together.

Gil Shwed & Zohar Alon (Dome9) Ask me Anything 

Hopefully we'll have a TechTalk on Dome9 very soon. Meanwhile, we have a short "ask me anything" video.

Another SmartConsole Usability Issue 

We want to hear all the feedback (good and bad) on CheckMates.

How to migrate Full HA Cluster(r77.30 to r80.10)? 

Assuming your hardware is strong enough to run R80.10 Gateway and Management, here's how.

Is there a way to share View created by one user with other users? 

News on this front.

How to migrate from standalone configuration (R80.10) to distributed? 

While we don't have "official" support for this currently, someone worked out how to make it work

https://community.checkpoint.com/thread/10115-r7730-sessions-vs-r8010-logs-ips-events 

Some differences in how logs are correlated between the two versions.

Upcoming Events

Between Valeri Loukine and I, we'll be busy in the next several weeks!

Read more
22 0 8,233