Saturday, February 21, 2015

In the spotlight

Yesterday Check Point published an article about my certifications under the testimonials section of its web side.

The article is the result of my interview with the certification team. Thanks you, Check Point.

Thursday, February 19, 2015

Hyperwise Security aquired by Check Point

Check Point Software Technologies has announced yesterday its acquisition of  Hyperwise Security - a small Israeli startup company founded in 2013.

According to Israeli economy journal Calcalist (Hebrew only), Hyperwise has had 4 employees in March 2014 with plans to hire 6 more people.

The journal says Check Point has payed $80M for the startup. It is 40 times more than the original investment of $2M done by Shlomo Kramer and some others.

Shlomo Kramer, one of Check Point's founding fathers, is investing in various technology companies in IT security field. Among multiple startups there are also many known and established vendors, such as Imperva or Palo Alto.

To my knowledge, this is the first time Check Point acquires one of Shlomo's babies. It is also quite extraordinary for Check Point to go after a startup in its early stages of technology development.

I would assume Check Point was after technological concepts that could help reinforcing threat emulation functionality.

Monday, February 9, 2015

Querying policy details on your FWs

With growing complexity of security systems we need to rely on automation for some routine tasks. One of these tasks can be checking policy package names and installation timestamps per FW.

One of the ways to do so is to use cpstat command on your management server. The command would look like this:

cpstat -h -f policy fw | grep Policy

with the output similar to this:

Policy name:                Standard
Policy install time:        Fri Jan  9 10:28:20 2015

More details about cpstat can be found in CLI reference guide document.

Sunday, February 8, 2015

Hi all!

I am considering to start video training online around Check Point: basics, troubleshooting, optimisation, best practices, etc.

I would appreciate if you could answer a quick survey here for the matter. Please also free to comment below. You feedback is extremely valuable.

UPDATE: Thanks all participants. The pool is now closed.

Friday, February 6, 2015

vsx_tool undocumented feature surfaces on the latest Check Point management

Apparently, latest versions of vsx_util binary have new undocumented option: downgrade.

As you may know, vsx_util is a management tool used for maintenance of VSX systems. It allows administrators to perform multiple advanced operations that are unavailable from SmartDashboard GUI client, such as changing clustering mode, adjusting VSLS distribution, setting a different "funny IP" addresses on the modules, etc.

It is also used to upgrade the management definitions of VSX object, with vsx_util upgrade. In this case the tool changes VSX object's version and makes changes in the parameters of the object. This option is routinely used to upgrade VSX systems. GWs are just re-installed with the new version, then vsx_util upgrade takes care of MGMT side changes and calls for vsx_util reconfigure procedure to push config to the newly installed VSX cluster members.

As it seems today, vsx_util downgrade does exactly the opposite. Mind this feature is not documented and hence not supported. Using it (assuming it will be supported soon) will allow faster and safer roll-back procedures in case of upgrade failure.

Thanks to my old friend and a brilliant Check Point expert Jason Card for reporting this information to me.