Browsing All posts tagged under »Checkpoint«

Just a quick note about CoreXL

August 22, 2012

0

As a CCSE with about 5 years experienses I must admit I have never had any issue with multicores. But for the CCSE exam it must be clear and have to be saved in our mind. The only required operating system is SecurePlatform, but I am always courious about the other platforms as well. Here […]

Manual Failover

August 7, 2012

1

Failover can we generate with a lot of way. One way is with cphaprob, the most complicated way if you do not know it, but I am here for you to understand and use it instead of just an ifdown/ifup for an interface. :-) On the other hand it is an important command for the […]

Again fw monitor, hopefully the last post

August 7, 2012

1

I have always looked for a good documentation about fw monitor and I have find 2 usable doc. One is the official pdf and one in a post from a Checkpoint Expert (you can find them on my posts somewhere..) Actually there is no need to look for a documentation on google as it is […]

Script on your firewall or management server

August 7, 2012

0

You can put your own script in Checkpoint Firewall or Management with SPLAT. If you need just a specific info from SPLAT continuously, that can be reached with a simple command you can implement it in SPLAT with a bash script. 1. To start your script on boot you have to put it in /etc/rc.d/rc.local. […]

Are you aware of Identity Awareness?

July 31, 2012

0

Those customers, using user or session or client authentication, can have a new feature to migrate, this is called Identitiy Awareness. There is an example on the youtube for that. An old one to know how it began: http://www.youtube.com/watch?v=A5YIqoAZET8 and a new one how it look like now: http://www.youtube.com/watch?v=eEW9TROfhCE and my fully documented test comes […]

drops on IPSO interface

May 15, 2012

0

On IPSO the counter for packet drops is almost similar with the cisco drop counters. It is really detailed and can show us many kind of drops. To see if the number iof drops raises we have to check it 2-3 times when the issue arises. I guess with snmp we can monitor that value […]

external CA for Remote Access VPN

May 9, 2012

19

Checkpoint has a complete Certificate Authority infrastructure and I would use it for small and medium sized businesses where there is only some user for remote access. For large enterprises or for companies with existing CA infrasturcture it is worth to use their certificates, because it gives much more flexibility. In this example I illustrate […]