Dear PhoneBoy (yes you! Dameon Welch Abernathy

is cpug.org dead or alive? are you keeping up with both "spaces" at the same time?

don't you think just for a minute that "merging" those two communities (cpug.org and CheckMates) would be a wonderful idea going forward?  Unless I'm late with this question ... and you've already heard that question ...

b e s t

Jerry

@

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed😞

CheckMates in Vancouver and Jackson

Valeri Loukine‌ and I hit the road this week and did events in Vancouver, BC and Jackson, MS!

Community Highlights

Here's some threads to have a look at from the last week or so:

How-to Videos:

Last week, Yair Herling‌ created a video about the High Availability Architecture with R80.10. You asked for one with a focus on multi-domain, Yair delivers! R80.10 High Availability in Multi Domain Environments 

We also have videos on Combining AD identity with AWS tags in Check Point CloudGuard Policy  and Step by Step deployment of automated, multi hub Transit VPC from Jonathan Lebowitsch‌!

SandBlast Mobile 3.0

This past week, we released SandBlast Mobile 3.0, which adds quite a lot of new features and functionality. We've got descriptions of the functionality and how to enable it on CheckMates:

• Introducing On-device Network Protection (ONP) 
• New Capability for ONP: URL Filtering 
• New Capability for ONP: Anti-Bot 
• New Capability for ONP: Conditional Access 
• New Capability for ONP: Safe Browsing 
• New Capability for ONP: Anti-Phishing 

Want to join R80.20 EA activities? 

We are actively looking for customers to join the R80.20 Early Availability program, specifically the private EA. Check the details here!

https://community.checkpoint.com/community/training-and-certification/blog/2018/07/20/emerging-techn... 

Yes, we offer free training on our emerging technologies!

OPSEC LEA pull from a SIEM on R80.10 Smart-1 Log Server 

If you have restricted access between the management and log server and want to pull logs from the log server using LEA, this thread might be helpful.

R80.10 IPS packet capture...how does it work? 

If you're curious...

Check Point Firewall Admin Tasks 

Did we miss any essential tasks here?

Will (Smart)Workflow come back? 

This topic keeps coming up, both  and offline. Here's the definitive thread.

R80.x Security Gateway Architecture (Logical Packet Flow) 

Another great community diagram from Heiko Ankenbrand‌!

Tools and referenced SKs for R77.30 appliance to VM migration

For backups, testing upgrades, or actually doing the upgrades...

Upcoming Events

• 14th August 2018: Migrate to R80.20.M1, Live in Cleveland!
• 15th August 2018: Migrate to R80.20.M1, Live in Columbus!

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed😞

Community Highlights

Here's some threads to have a look at from the last week or so:

How-To Videos

We've had a few "How To..... " Videos‌ added this week:

• DIY Security Appliance Imaging Using ISOmorphic  
• R80.20 Log Exporter Feature 
• Converting a Check Point 1400 security appliance from Local to Central Management 

https://community.checkpoint.com/community/secure-knowledge/blog/2018/07/15/introduction-to-securekn... 

Valeri Loukine‌ is starting to do a series of articles about SecureKnowledge, Check Point's official Knowledge Base. We also created a specific SecureKnowledge‌ space for discussions related to SecureKnowledge. 

Check Point R80.20 Demo TechTalk and Q&A 

In addition to the actual demo (and recording thereof), there were a lot of questions around R80.20 that we answered in the comments.

SmartView: Accessing Check Point Logs from Web 

One thing that was improved in R80.20.M1 was SmartView. Some details in this thread.

Threat Prevention Policy Layers 

Discussion about how policy layers work for Threat Prevention and when logs are generated.

Content Awareness Log with file name 

Curious why sometimes Content Awareness doesn't log file names? Here's why.

Is there a way to get a file using the API? 

Not directly, at least currently, but...

Check Point Firewall Admin Tasks 

More "best practices" being added to this thread...

Is it possible to get gateways config without Manager ? 

This is why you need to do regular backups of your management.

Ports Used for Communication by Various Check Point Modules 

Heiko Ankenbrand‌ keeps updating this fabulous document. 

Management API - internal structure 

There's a couple of different API servers: one that serves the REST API, and another one specifically for SmartConsole.

https://community.checkpoint.com/thread/8582-emerging-materials-web-training 

We offer free training on some of our emerging technologies, as described at the link above!

Upcoming Events

• 24th July 2018: Migrate to R80.10, Live in Vancouver, BC!
• 26th July 2018: Check Point CheckMates Live in Jackson, MS!
• 14th August 2018: Migrate to R80.20.M1, Live in Cleveland!
• 15th August 2018: Migrate to R80.20.M1, Live in Columbus!‌

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts and our podcast (RSS Feed😞

Shenanigans in Tel Aviv

I was in Tel Aviv this week along with Valeri Loukine‌ and... stuff happened.

I talked with new hires about CheckMates:

I was a teleprompter for Moti (so was Valeri Loukine‌) while we were recording part of the Mid-Year Report - Top Wanted Malware of 2018 (so far)‌:

And we recorded the live Q&A:

Community Highlights

Meanwhile, on the CheckMates community site, several discussions went on.

Here's a sample:

Check Point Firewall Admin Tasks 

More suggestions are showing up in this thread. What are your "suggested" task for a new Check Point admin (either totally new to Check Point or just a "new-to-you" Check Point environment)?

Forward tracker logs 

"Log Forwarding" only works to other Check Point log/management servers. To send them to syslog, use Log Exporter

Basic script for importing IP Address objects from feed (here office365)  

I'm sure, with some hacking, this script could be useful in other contexts!

R77.30 VSX appliance upgrade to R80.10 

An old thread that helped at least one person do the upgrade successfully. If you're planning to do this sort of upgrade soon, check it out!

VPN Troubleshooting Commands  

A nice list if you're troubleshooting issues with VPN on Check Point.

Log export to excel CSV 

Easiest way? Use SmartView!

Migrate policy and object to another smartmanagement 

There are many options, especially with R80.x!

https://community.checkpoint.com/docs/DOC-3014-show-bgp-peers-across-vsx-in-cli 

Nice little script

Upcoming Events

• 18th July 2018: TechTalk: R80.20 Demo 
• 24th July 2018: Migrate to R80.10, Live in Vancouver, BC!
• 26th July 2018: Check Point CheckMates Live in Jackson, MS!
• 14 August 2018: Migrate to R80.20.M1, Live in Cleveland!‌

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!

Past and future posts will be available here: About CheckMates

To have these updates show up in your preferred RSS reader add the following URL: About CheckMates RSS Feed 

See also our social media accounts:

• Twitter: @CPCheckMates
• Facebook: Check Point CheckMates
• LinkedIn: Check Point CheckMates

We also have a podcast now!

• SoundCloud: Check Point CheckMates Cyber Security Podcast
• Podcast RSS: https://community.checkpoint.com/podcastfeed 

Community Highlights

Aside from Valeri Loukine joining the team, here's what else happened on CheckMates this past week:

More on R80.20.M1

A few new threads highlighting features of R80.20.M1:

• SmartView: Accessing Check Point Logs from Web 
• New CloudGuard IaaS features with R80.20.M1 SmartConsole 
• Automate deployment of Indicators of Compromise (IOC) with a new API. 

Export Migration Tools 

What you need will depend on where you're starting from (OS) and where you're going to (version).

Identity Awareness issue 

Some issues with the MUH agent on a terminal server that were ultimately addressed by upgrading to the latest Jumbo Hotfix on R77.30.

Sam Rule and "sam: Failed to enforce inhibit rules" 

This is related to using the R80.x APIs to enforce SAM rules.

How to deploy Check Point AWS Quick Start  

A new "How To..... " Video‌ showing how easy it is to deploy Check Point CloudGuard in AWS.

Application blocked but where is the application? 

Application Control and URL Filtering are treated similarly, which might cause a policy issue or two if you don't account for it.

Reading logs in the Management API ?  

There isn't an "API" for this, but you can use Log Exporter. Or ye olde fw log.

Script to Automate GAIA Configuration backup  

This captures the Gaia OS configuration (with some caveats).

R80.10 SmartConsole Linking Custom Sub-Views 

Tip of the week right here!

https://community.checkpoint.com/thread/8408-checkpoint-firewall-admin-tasks 

If you're new to Check Point and taking over the administration of gateways, this thread has a few things you should do.

Upcoming Events

• 11th July 2018: TechTalk: Mid-Year Report - Top Wanted Malware of 2018 (so far)‌
• 18th July 2018: TechTalk: R80.20 Demo 
• 24th July 2018: Migrate to R80.10, Live in Vancouver, BC!
• 26th July 2018: Check Point CheckMates Live in Jackson, MS!

I am very pleased to welcome a CheckMates whiz, Valeri Loukine back to the Check Point family!

Yes, not too long ago, Valeri played a huge part in Check Point as a Security Engineer and in Professional Services. He later moved on to join Dimension Data and had a brief stint at GuardiCore. With his depth of knowledge, range of experience and having earned a CCSM certification, we will state with total confidence that he really knows his Check Point inside and out.

Even though Valeri decided to venture on a different path a few years ago, we knew it was only temporary. During this time, he remained an active player in the Check Point community including on CPUG, and also spoke at CPX 360 in Barcelona!

As our shiny new community leader, he’ll be taking the lead on various aspects of CheckMates including creation and facilitation of User Group and thought leadership in Europe and Asia Pacific.

On behalf of Moti Sagey‌, Amit Sharon‌, and the rest of the CheckMates team, we welcome you back to Check Point, Valeri, with arms wide open!