cancel
Showing results for 
Search instead for 
Did you mean: 
Start an article

The CheckMates Blog

Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Community Highlights

Here are the threads to watch from the last week:

R80.10 Jumbo Hotfix 214

New ongoing jumbo hotfix is available for R80.10.

R80.20.M2 Jumbo Hotfix

If you're considering this release, consider R80.30 instead.

Change admin Password to Enter SmartConsole R80.10

Couple ways to do it.

Is Both HTTPS Inspection and Categorize HTTPS Websites Supported?

From R80.20, yes.

Different DNS Server per VS

Not currently supported.

SmartLog (and SmartView) Query Syntaxes

How to search for different networks in the logs.

Proxy ARP on Gaia

When working with NAT.

Creating (and Updating) Network Objects via API

What's the process for figuring out an object exists and updating it?

Protocol Signatures

What are they?

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Here's where you can find @Valeri_Loukine and I over the next few weeks

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
0 0 415
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Community Highlights

Here are the threads to watch from the last week:

Dynamic CLI and Gaia APIs TechTalk and Q&A

If you missed it, the recording and slides are here.

Is It Possible to Export and Import Host Objects?

Of course it is.

Details of Fields Logged

We don't have a comprehensive document, but Log Exporter has some of it documented.

Legacy Auth on R80.10 Gateways

It works, but you should really move to Identity Awareness.

Why are some IPS Signatures Inactive?

Check the Threat Prevention profile settings.

Why Do We See Logs on Rules Which Are Not Installed Yet?

It's a feature.

Updateable Objects and NAT

Apparently, this is also a feature.

Publish and Install Difference

For those new to R80.x.

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 

Read more
0 0 864
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates in Russia, Kazakhstan, and Canada

The CheckMates team was busy getting the word out all over the world! @Valeri_Loukine was in Moscow and Almaty:

WhatsApp Image 2019-04-19 at 04.01.55.jpeg WhatsApp Image 2019-04-19 at 04.03.09.jpeg

And #FlatMoti and I were in Quebec City, Ottawa, and Montreal

IMG_3756.jpg IMG_3781.jpg

Community Highlights

Here are the threads to watch from the last week:

Finding Root Cause for all the F2F Traffic

Does require digging into the configuration a bit.

Use of Private ThreatCloud behind Load Balancer

Didn't realize this was possible.

IPS, Follow-Up, and Staging

How these worked changed from R77.x to R80.x.

Check SIC Status Without SmartConsole

cprid_util to the rescue

2019 Job Task Analysis Survey

This will help our Training and Certification team

Does the 4600 Appliance with 4GB of RAM Support R80.20?

Yes, it does.

Gaia Backup All Clish Configs From All Gateways With a Single CLI Command

Neat trick!

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

 

Read more
1 0 978
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates in Vienna and Salzburg

@Valeri_Loukine did events in Vienna and Salzburg. Only got one picture from both events:

IMG_1857.jpg

Community Highlights

Here are the threads to watch from the last week:

CheckMates GO Episode 1: Threat Intelligence

We've launched our new podcast, CheckMates GO! Look for it in iTunes, Google Play, or wherever finer podcasts are procured!

Problem with adding threat indicator via Web Services API

Remember to always use the publish action when using the API.

How am I Seeing Application-Specific Logs Without HTTPS Inspection?

There are pros and cons to doing this without HTTPS Inspection. This will get easier in R80.30 with SNI support.

R80.20 Validation Error: IP Protocol value must be in the range 1-255

It's an easy fix, but the error message is misleading.

R7x / R8x Installation Differences

Some observations 

Is http/https proxy needed to replace old proxy with Check Point gateway?

Depends on the environment you're in.

IPS Exception Not Working

There are a few places you set exceptions in R80.x.

How to determine top talker host IP

Useful for older gateways.

R80.10 and Java Compatibility for Firefox and Chrome

Some discussion around this new feature coming soon.

What is DLE?

I had to look this one up myself...

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
1 2 372
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates in Madrid, Portugal, Bunnik, and Tulsa

@Valeri_Loukine had a pretty full dance card this week, doing events in Madrid, Portugal, and Bunnik:

No alt text provided for this image

bunnik.jpg

Me? I went to Tulsa:

6aefac45-6c0c-475f-a77d-c1c564fe2626.JPG

And CheckMates was on the menu at Stoney River Steakhouse in Nashville courtesy of @Adam_Forester!

IMG_2611 copy.jpg

Community Highlights

Here are the threads to watch from the last week:

New Software Releases

Rate & Review SandBlast Mobile Protect

Aside from sharing your feedback on CheckMates, of course, please let us know how you like SandBlast Mobile Protect on the various app stores.

Ansible Demo with R80.20 Gateways and Management

An updated version of an older demo, but now with current versions.

Max Concurrent Sessions Per Connection Exceeded Quota

Certain protocol inspections have a quota associated with them.

TechBytes: Remote Access

A how-to on setting up remote access.

Keeping Policy Templates with no Policy Install Targets

You might not want to keep a layer with a policy installation target of All. If you specify "Specific" then you have to put something there. Here's how to make it empty.

Automation for Newbies: Ansible and Terraform

A new demo involving Ansible and Terraform.

Can the 3200 Appliance Be Managed Locally?

Can it? Yes. Should it? Different question.

Activate PFS in a Community via API

No official API for it, but it can be done.

Show Changes in a Single Session

It can be done via API, yes. In R80.30, a SmartConsole Extension will be available that will generate a Policy Change Report.

API - Adding Network Objects with the same IP as Others Already Created

Not by default, but it can be done.

Move IPS Profile Rules to Threat Prevention Layer

One of those tasks you'll have to perform after you upgrade your gateways to R80.x.

Access Serial Console of Another Device thru Check Point Appliance USB port

This is a neat trick!

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
3 2 363
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

What Happened This Week? A Lot.

@Valeri_Loukine did a CheckMates Live event in Ireland and I did two in Denmark with @Oren_Koren and Avishai Duer:

image.pngimage.png

 

The major thing that happened this past week was the migration to the new community platform, something that was at least a year in the making:

image.png

 

As with any migration of this nature, a few challenges were encountered. Not all the data could be migrated automatically, like the videos, which will be migrated by hand. The features aren't exactly the same as the old platform. Some things in the site design need tweaking. Nerd knobs need turning. There's definitely more work to do in order to make this new place feel like home.

We will rapidly iterate to address the various issues you've told us about and we've encountered ourselves. As we're big on transparency, we'll do our best to keep you all informed as improvements are made. Keep your feedback coming, positive or negative!

Info about the new platform we've shared so far:

Community Highlights

Despite the challenges caused by the migration, there was no shortage of conversations in the community this week:

Ultimate Collection of Check Point Links

This is a post @Valeri_Loukine put together a few months back that I just spent a lot of time with to update all the links and to ensure the videos were uploaded. Lots of great stuff here if you're just starting out with Check Point!

Multiple clish Commands from R80 Script Repository Possible?

There are ways, yes.

API with MDS Environment

When working with the API, remember to publish when you make changes, MDS or otherwise.

Is It Possible to Get an Overview of All Traffic to a Specific Country?

In R80.20, yes.

R80.20 Fresh Install to Sandbox TE100X Appliance has Kernel 2.6, Is It Normal?

For the moment, yes.

Establishing Trust Based on Signed Certificates Between Cisco ISE and Identity Collector

A how-to document.

Security Management: Videos and Hands-On Lab Booklet from CPX

If you didn't go to CPX 360 this year, here's one of the things you missed!

R80.20 Management in VMware

What basic settings you need.

Where Used between HTTPS Inspection and SmartConsole

If you use HTTPS Inspection on R80.x, watch out for this one!

Monitoring of Connection Tables

Doing it remotely via SNMP or similar.

Adding a Third 5800 to a Current 5800 Firewall Cluster

Some things to keep in mind here.

Linux for Check Point

While not strictly required, it's helpful to know some.

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
1 0 95
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates Takes Bratislava

Valeri Loukine‌ and I did our largest CheckMates event ever in Bratislava where we had 100 people!

 

 

 

Community Highlights

Here are the conversations worth watching in the community:

 

https://community.checkpoint.com/community/about-checkmates/blog/2019/03/07/the-new-checkmates-is-al...

It should come on the 12th if all goes to plan.

 

R80.20 Use Cases TechTalk 

We had another TechTalk on R80.20 and had a LOT of Q&A.

 

Your opinion matters! 

We're asking you how you use mobile messaging apps, which will help us provide better products and services to you.

 

AWS Management Server and separate Logging Server 

There's an issue with the default Security Groups that requires manual adjustment.

 

Cluster XL - Interface Preference 

Can you ignore a specific interface in ClusterXL (meaning not cause a failover if it dies)?

 

Migrating the Functionality of a dedicated Proxy Server to Check Point 

TL;DR: We're not a proxy server.

 

Script to check health on SMB 

A new community development Smiley Happy

 

Identity Detection - Best option? 

Discusses the various options, and there's no one size fits all solution even in a single environment Smiley Happy

 

HTTPS drop in R80.10 

 

The workaround the community came up with is now documented in SK, even.

 

 

A feature many of you have been waiting for is now available.

 

Upcoming Events

We are now maintaining our event calendar in Google Calendar.

You can browse our calendar of events here: CheckMates Calendar 

Upcoming events include:

We are currently in the planning phases for our 2019 events.

If you want one in your area, get in contact with us: checkmates@checkpoint.com 

Read more
0 0 117
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Community Highlights

Here are the conversations worth watching in the community:

 

New Software Releases/EAs:

 

#CPX360 Slides 2019 

We turned around the slides and videos for CPX 360 in record time! The partner-specific content is now also available to partners.

 

Check Point for Beginners - Typical Config Mistakes 

We've had a couple threads on this. See also: Top human fails to avoid 

 

SmartConsole potential CPM issues 

In this case, the issue was resolved by generating a new SIC certificate (not to be confused with resetting the SIC ICA).

 

Which method would you recommend to upgrade from R80 to R80.20? 

migrate export/import is probably the better approach.

 

Are any of the MDS limitations in MDS R80.20 are addressed in R80.30EA? 

TL;DR: no, but we are working on it. 

 

R80.30 cheat sheet - ClusterXL 

Another good one from Heiko Ankenbrand‌!

 

Use Sandblast API on Security Gateway 

You can't do it on a regular Security Gateway. 

 

 

If you're struggling with this, this thread should help.

 

Upcoming Events

Due to the upcoming change to Lithium, we are maintaining our event calendar in Google Calendar.

You can browse our calendar of events here: CheckMates Calendar 

Upcoming events include:

We are currently in the planning phases for our 2019 events.

If you want one in your area, get in contact with us: checkmates@checkpoint.com 

Read more
2 0 171
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates Does CPX360, Vienna Style!

Our CPX 360 show in Vienna was our largest to date with over 4000 customers, partners, and employees in attendance!

 

 

Here I am with James Alliband‌ and Bien Nguyen‌ right before the keynotes:

 

 

Unlike in the Vegas and Bangkok events, CheckMates did not have a booth on the expo floor this time around.

Instead, we had a lounge outside of our breakout track, which proved to be quite popular!

(Great idea, Amit Sharon‌!)

 

 

 

The CheckMates track itself was quite popular as well, particularly Danny Jung‌'s session:

 

 

There was quite a lot to see at this years CPX 360 events!

 

 

Community Highlights

Here are the conversations worth watching in the community:

 

New Software Releases

 

How to apply QoS on a User for restricting Bandwidth? 

Came up here: Limit bandwidth. R77.30  

 

Allowing custom site with external hosted images 

Tricky when taking a whitelist approach and the content is hosted on a CDN.

 

SmartConsole | New 'Group Membership' Feature 

A few of you asked for this feature. It's been added in R80.20.M2.

 

Expert command of Security Management Server to show Initialization Status 

Remember this one.

 

Issues with IE and SandBlast Extension; GPO deployment may be helpful? 

These issues are fixed in E80.92.

 

Can the default be changed for the logging time period results? 

In SmartView, yes.

 

Managing a gateway over VPN 

You don't want to do this.

 

Enable DPD on R80.20 

Some confusion about how this works.

 

R77.20.85 performance issue on centrally managed SMB 

Some additional issues we're tracking in this thread.

 

Is CP planning to support Load-Sharing in future releases? 

It was not added to R80.20. We plan to have it later in 2019.

 

How do I change the https certificate for Sandblast API? 

It uses the SIC certificate, which means...you can't change it.

 

Upcoming Events

Due to the upcoming change to Lithium, we are maintaining our event calendar in Google Calendar.

You can browse our calendar of events here: CheckMates Calendar 

Upcoming events include:

We are currently in the planning phases for our 2019 events.

If you want one in your area, get in contact with us: checkmates@checkpoint.com 

Read more
5 2 266
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Vienna Calling!

You can bet the CheckMates team will be at CPX 360 in Vienna!

Meanwhile, Kishin Fatnani‌ took a great photo of a bunch of us in Vegas!

Posted: https://community.checkpoint.com/community/infinity-general/blog/2019/02/14/cpx360 

 

 

Community Highlights

Here are the conversations worth watching in the community:

 

Smart Console: Packet Mode - Possible Bug? 

Yes, theres a bug there, but thanks to the community, we'll see an improvement!

 

New in Developers (Code Hub)

 

Lower number of CoreXL instances in ClusterXL HA

The number of CoreXL on all cluster members must match or clustering won't work.

 

Application Control Bug!? 

Not really a bug, but a misunderstanding of how the policy works on SMB appliances.

 

ConnectControl / Logical Servers within same subnet 

Have to admit, this one stumped me, even!

 

Limited Permission Profile 

While it's not possible to limit who can read a specific policy, you can restrict what logs they can see (in R80.x at least).

 

How to check debug command ? 

Given there are a number of different ways to debug, there is no simple answer to this question.

 

R77.20.85 performance issue on centrally managed SMB 

The fixed version of firmware was released on 11 February. See: R77.20.85 for Small and Medium Business Appliances 

 

Log all the rules on R80.x 

Including the implied rules.

 

 

Rename the files. We are planning a fix for this.

 

Upcoming Events

Due to the upcoming change to Lithium, we are maintaining our event calendar in Google Calendar.

You can browse our calendar of events here: CheckMates Calendar 

Upcoming events include:

We are currently in the planning phases for our 2019 events.

If you want one in your area, get in contact with us: checkmates@checkpoint.com 

Read more
1 0 164