Monday, August 7, 2017

Capsule Docs on Mac? Forget about it...

Last year I was writing about my rather unpleasant experience around Capsule Docs on Mac. It is time to add another chapter to that story.  

I have made yet another attempt to use the tool on Mac. With my 10.12.6 Sierra machine it fails even more miserable than before. With the latest client (still Alpha, mind you!), I cannot even open a document.




Although I am logged in and even can open the same document on Windows with the same credentials, I am getting "Insufficient permissions"...



How hard can it be, really? What should happen for Check Point to start getting Mac user seriously?

In case you ask, the only reason for me to even touch Capsule Doc Viewer is that Check Point Education Services discontinued paper courseware, forcing both students and instructors to use e-kits with Capsule Docs protection. I will address this subject later on.

-----------
Support CPET project and this blog with your donations to https://www.paypal.me/cpvideonuggets 


Sunday, July 30, 2017

CPET session 3 - video is published

Thanks all who could join.

The session subject is Kernel Debug, best practices


-----------
CPET project relies on your support. 
Participate in the talks and help us with your donations to https://www.paypal.me/cpvideonuggets 
Follow us on Facebook and Twitter. 

Wednesday, July 26, 2017

Turning out of state drops on and off on your gateways without pushing policy

One of the regular issues I help my customers resolving is about out of state drops. there might be multiple causes, and those should be addressed by proper troubleshooting and network configuration changes.

However, there are cases when you just need a quick fix before addressing the root case of the problem.

The classic way to do that is to change Global Properties settings on your management and to install policy. The biggest problem with that approach is that the settings are global and will affect all FWs in the security domain after a policy push.

But no worries, there is a way around it, described in SK117374. Fw kernel has two parameter that define out of state drops for TCP and ICMP:

fw_allow_out_of_state_tcp
fw_allow_out_of_state_icmp

For example, by running fw ctl set int fw_allow_out_of_state_tcp 1  you can allow TCP traffic to pass through. Setting the same parameter to 0 will start dropping out of state TCP again.


-----------
Support CPET project and this blog with your donations to https://www.paypal.me/cpvideonuggets 

Tuesday, July 25, 2017

R80.10 debug documents are now public

Check Point has published a set of new documents describing kernel modules and debug flags, SecureXL and CoreXL debug details in R80.10. 

Although the documents are public, to download them you will need to log in to User Center.

Kernel Debug flags - R80.10 http://downloads.checkpoint.com/dc/download.htm?ID=56864 SecureXL Debug Flags - FWAccel (R80.10) http://downloads.checkpoint.com/dc/download.htm?ID=56865 SecureXL Debug Flags - SIM (R80.10) http://downloads.checkpoint.com/dc/download.htm?ID=56866

Special thanks to Sergei Shir for this publication.



-----------
Support CPET project and this blog with your donations to https://www.paypal.me/cpvideonuggets 

Sunday, July 23, 2017

CPET session 3 - it is on!

The next Check Point Expert Talks session will take place on Sunday 30th of July at 14:00 CET. You have chosen Kernel Debug Best Practices as the topic.

The session is limited to 100 participants. If you cannot join, video recording will be available later on.

To put the session in your calendar, use invitation link.

Otherwise, use this link information to join.

-----------
CPET project relies on your support. 
Participate in the talks and help us with your donations to https://www.paypal.me/cpvideonuggets 
Follow us on Facebook and Twitter. 




Monday, July 10, 2017

CPET session 3 - choose the topic and time

Do not miss the opportunity to choose what and when will be discussed on the third CPET live session.

This time I am proposing three different subjects:

1. Details of Policy Installation with Check Point
2. Kernel Debugging Best Practices  - Chosen
3. Open Questions and Answers discussion

Note: if option 3 is chosen, I will ask to submit questions in advance, so I could go through them. 10 minutes will be left for further discussion anyway.

The proposed times are:

1. Saturday, 29th of July, 18:00 CET
2. Sunday, 30th of July, 14:00 CET - Chosen


The pool is now closed. Session details and invitation are here.



-----------
CPET project relies on your support. Participate in the talks and help us with your donations to https://www.paypal.me/cpvideonuggets 
Follow us on Facebook and Twitter.