cancel
Showing results for 
Search instead for 
Did you mean: 
Start an article

The CheckMates Blog

Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates on a Yacht!

@Moti@Amit_Sharon, and I were in Miami for CPX, which was held on the Seafair Mega Yacht! Amit caught me in action at the booth:

IMG_4160.jpg

Moti gave his keynote:

IMG_4181.jpg

Community Highlights

Here are the threads to watch from the last week:

CheckMates Member of the Month for May 2019: Maarten Sjouw

Congratulations and thank you for your ongoing contributions to the community, @Maarten_Sjouw !

CheckMates GO Episode 4: Threat Intelligence

Are you enjoying our new podcast? Let us know!

Moving Gateway to New Management and Importing Old Ruleset

Topic came up again in a different thread, so re-highlighting this one.

R80.10 User Mode Firewall and Performance Impact

Our VP of Products Dr. Dorit Dor weighed in on this thread. Seems in R80.30 with the 3.10 kernel, this is the default for all platforms and it will bring some performance benefits.

Duplicate Services: Which One Will Be Used?

Depends on the rule that matched the connection.

SmartMove

Our tool to migrate to Check Point from other vendors has been updated to support Palo Alto Networks!

Legacy DHCP Relay Services When Upgrading to R80.x

You can leave the old ones there, but there are some benefits to moving to the new services.

Regarding CVE-2019-0708

We've had requests regarding an IPS signature for this particular CVE.

Installing Expansion Interfaces to a Cluster Member

An order of operations question.

How Packet Flow Works Inside the IPS Blade

For those who are curious...

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Here's where you can find @Valeri_Loukine and I over the next few weeks

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
0 0 64
Admin
Admin

Maarten.jpgIt's that time of the month where we recognize our best members. Put your virtual hands together for @Maarten_Sjouw, our CheckMates member of the Month for May 2019!

Read more...

Read more
11 6 220
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Community Highlights

Here are the threads to watch from the last week:

White Paper Publishing Project

Our SE community has developed a lot of white papers we are starting to publish on CheckMates. It's ~joe 2.0!

Check Point R80.30

Not surprisingly, it's been one of the most searched-for things on CheckMates...and it's finally here!

Moving Gateway to New Management and Importing Old Ruleset

It's manual work, but it can be done.

A Glimpse into Artificial Intelligence and Machine Learning

Latest in our CheckMates Nuggets series.

Anti-Spoofing on Interfaces Which Have Not Been Updated

What happens when you add an interface before you define the policy?

Any Tool to Build a Rulebase from an "Any Any Accept" Rule?

Not really, but the using the logs the right way can certainly help.

Customized fwm logexport

Did not realize this was possible. Which, considering how long fwm logexport has been around, is kinda amazing!

Using CSV to Bulk Add Objects -- Doubled Items

When you're adding objects that already exist by name or by IP...

Managing a Gateway over VPN

This well-covered topic has come up again.

Bypass HTTPS Inspection for a Custom URL

Likewise, this old thread has come up again.

Sharing a Session with GUI and Gaia Expert

You can "take over" a session created through mgmt_cli from SmartConsole...and vice versa.

Temporarily Disable Auto-Generated NAT Rules

Not really an easy way to do this, but there are some suggested workarounds.

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Here's where you can find the CheckMates team over the next few weeks:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
1 0 225
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Community Highlights

Here are the threads to watch from the last week:

New Releases

CheckMates GO Episode 3: Threat Intelligence

Wonder when I'm going to make my way onto one of these podcasts 😁

Do I Need Proxy Rule About the Stealth Rule?

Yup.

Manually Define Local VPN Domain Per Remote Peer

We'll make this something in SmartConsole soon, hopefully.

Is It Possible to Change Settings for How Application Control Works?

It's not an issue with Application Control per-se, but an issue with parsing certain HTTP traffic when Application Control is invoked.

Cannot Remove IPS Blade from Gateway Object

Make sure your Threat Prevention policy isn't too specific.

2200 Appliances and R80.20 Support

Assuming you have 4GB of RAM, it works.

Disk Space Management Seems Not to Be Working

Make sure to account for the 5% reserve that is typical in Unix filesystems.

Script to Delete A Specific Tag from All Objects

A case of "ask and you shall receive."

New Unified API Reference

Currently contains only Management and Gaia APIs, but will be updated to include the others soon.

Rulebase Audit Based on Date

Shows rules that are older than 365 days.

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Here's where you can find @Valeri_Loukine and I over the next few weeks

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
0 0 158
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Community Highlights

Here are the threads to watch from the last week:

Dynamic CLI and Gaia APIs TechTalk and Q&A

If you missed it, the recording and slides are here.

Is It Possible to Export and Import Host Objects?

Of course it is.

Details of Fields Logged

We don't have a comprehensive document, but Log Exporter has some of it documented.

Legacy Auth on R80.10 Gateways

It works, but you should really move to Identity Awareness.

Why are some IPS Signatures Inactive?

Check the Threat Prevention profile settings.

Why Do We See Logs on Rules Which Are Not Installed Yet?

It's a feature.

Updateable Objects and NAT

Apparently, this is also a feature.

Publish and Install Difference

For those new to R80.x.

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 

Read more
0 0 432
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates in Russia, Kazakhstan, and Canada

The CheckMates team was busy getting the word out all over the world! @Valeri_Loukine was in Moscow and Almaty:

WhatsApp Image 2019-04-19 at 04.01.55.jpeg WhatsApp Image 2019-04-19 at 04.03.09.jpeg

And #FlatMoti and I were in Quebec City, Ottawa, and Montreal

IMG_3756.jpg IMG_3781.jpg

Community Highlights

Here are the threads to watch from the last week:

Finding Root Cause for all the F2F Traffic

Does require digging into the configuration a bit.

Use of Private ThreatCloud behind Load Balancer

Didn't realize this was possible.

IPS, Follow-Up, and Staging

How these worked changed from R77.x to R80.x.

Check SIC Status Without SmartConsole

cprid_util to the rescue

2019 Job Task Analysis Survey

This will help our Training and Certification team

Does the 4600 Appliance with 4GB of RAM Support R80.20?

Yes, it does.

Gaia Backup All Clish Configs From All Gateways With a Single CLI Command

Neat trick!

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

 

Read more
1 0 541
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

Busy Week Coming Up

@Valeri_Loukine and I were NOT on the road this past week, but we've both got full dance cards coming up. In addition, there are also CheckMates events happening in Denver next week. See the complete list below! 

Community Highlights

Here are the threads to watch from the last week:

Latest Releases

CheckMates Member of the Month for April 2019: Jerry Szpinak

Been quite a while since we've done one of these.

Easy execute CLI commands from management on gateways!

This has been possible for a while, this just puts a "familiar" interface on it.

Logical Interface as Next Hop for Routes on Cluster Members that DO NOT use VIPs in Different Subnet

This is generally not a good idea.

Show Total Number of Objects in Database For R77.x and Earlier

Pretty easy with the ye olde objects_5_0.C

Jumbo Hotfix Versions Between Firewall and Management

Ideally they should be the same or higher.

Missing Cleanup Rule When a Rule is Definitely Set

A cleanup rule has a fairly specific definition.

Nat Rule over Tunnel/Community

If you want to do NAT across a VPN, make sure you haven't disabled it in the community.

Configuration Migration From 4200 Appliance to 4800 Appliance

While trying to maintain similar versions.

Fetch Changed Policy from Management to Gateway

When the existing policy doesn't let you fetch it.

Cannot Connect with SmartConsole to R77.30 or Earlier Management

It keeps coming up as people do fresh installs of R77.30 and earlier.

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
1 0 2,141
Admin
Admin

It has been an embarrassingly long time since we've recognized great contributors to the CheckMates community! Time to get back to doing it.

Put your virtual hands together for @Jerry , our CheckMates member of the Month for April 2019!

Read more...

Read more
5 0 235
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates in Vienna and Salzburg

@Valeri_Loukine did events in Vienna and Salzburg. Only got one picture from both events:

IMG_1857.jpg

Community Highlights

Here are the threads to watch from the last week:

CheckMates GO Episode 1: Threat Intelligence

We've launched our new podcast, CheckMates GO! Look for it in iTunes, Google Play, or wherever finer podcasts are procured!

Problem with adding threat indicator via Web Services API

Remember to always use the publish action when using the API.

How am I Seeing Application-Specific Logs Without HTTPS Inspection?

There are pros and cons to doing this without HTTPS Inspection. This will get easier in R80.30 with SNI support.

R80.20 Validation Error: IP Protocol value must be in the range 1-255

It's an easy fix, but the error message is misleading.

R7x / R8x Installation Differences

Some observations 

Is http/https proxy needed to replace old proxy with Check Point gateway?

Depends on the environment you're in.

IPS Exception Not Working

There are a few places you set exceptions in R80.x.

How to determine top talker host IP

Useful for older gateways.

R80.10 and Java Compatibility for Firefox and Chrome

Some discussion around this new feature coming soon.

What is DLE?

I had to look this one up myself...

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
1 2 205
Admin
Admin

Welcome to "This Week in CheckMates," your weekly highlight reel for all things CheckMates!
Past and future posts will be available here: The CheckMates Blog
To have these updates show up in your preferred RSS reader add the following URL: The CheckMates Blog RSS Feed
See also our social media accounts and our podcast (RSS Feed)

CheckMates in Madrid, Portugal, Bunnik, and Tulsa

@Valeri_Loukine had a pretty full dance card this week, doing events in Madrid, Portugal, and Bunnik:

No alt text provided for this image

bunnik.jpg

Me? I went to Tulsa:

6aefac45-6c0c-475f-a77d-c1c564fe2626.JPG

And CheckMates was on the menu at Stoney River Steakhouse in Nashville courtesy of @Adam_Forester!

IMG_2611 copy.jpg

Community Highlights

Here are the threads to watch from the last week:

New Software Releases

Rate & Review SandBlast Mobile Protect

Aside from sharing your feedback on CheckMates, of course, please let us know how you like SandBlast Mobile Protect on the various app stores.

Ansible Demo with R80.20 Gateways and Management

An updated version of an older demo, but now with current versions.

Max Concurrent Sessions Per Connection Exceeded Quota

Certain protocol inspections have a quota associated with them.

TechBytes: Remote Access

A how-to on setting up remote access.

Keeping Policy Templates with no Policy Install Targets

You might not want to keep a layer with a policy installation target of All. If you specify "Specific" then you have to put something there. Here's how to make it empty.

Automation for Newbies: Ansible and Terraform

A new demo involving Ansible and Terraform.

Can the 3200 Appliance Be Managed Locally?

Can it? Yes. Should it? Different question.

Activate PFS in a Community via API

No official API for it, but it can be done.

Show Changes in a Single Session

It can be done via API, yes. In R80.30, a SmartConsole Extension will be available that will generate a Policy Change Report.

API - Adding Network Objects with the same IP as Others Already Created

Not by default, but it can be done.

Move IPS Profile Rules to Threat Prevention Layer

One of those tasks you'll have to perform after you upgrade your gateways to R80.x.

Access Serial Console of Another Device thru Check Point Appliance USB port

This is a neat trick!

Upcoming Events

We are now maintaining our event calendar in Google Calendar.
You can browse our calendar of events here: CheckMates Calendar 
Upcoming events include:

If you would like a CheckMates Live event in your area, get in contact with us: checkmates@checkpoint.com 

Read more
3 2 162