Monday, May 15, 2017

CPET feedback

Hi all,

Nobody showed up to the planned CPET session about pros and cons of Check Point Stateful Inspection, and I would like to understand what went wrong here.

Please kindly take your time to fill in a short questionnaire that would help me to plan better the next time.

Thanks a lot

CPET project relies on your support. Participate in the talks and help us with your donations to

Follow us on Facebook and Twitter. 


  1. What is your target audience?
    People who visit this blog are interested in Checkpoint. They must be quite skilled with it, right?
    So why would they want to listen about CP foundation history or "stateful firewall" definition? Those things are told at the very first day of CCSA course.

    1. Told and forgotten.

      Check Point's way of securing network traffic is one of the fundamental architectural principles that define technology they use.

      All further solutions and technologies, such as Performance Pack, CoreXL, kernel streaming, advanced security blades, etc - all that is the result of something Gil Shwed patented in 1993.

      You cannot start explaining advanced things before touching the basics. And I am not even convinced SI is a basic staff. Because it is not.

      The bare fact of it to be very much alive and relevant after 24 years gives you a hint.

      In my advanced troubleshooting class kernel enforcement on of the most interesting and challenging topics. And guess what, it starts with stateful inspection explained and dissected.

      Some questions for you.

      Why it takes a significant effort for Checkpoint to utilize effectively multiple cores?

      Why Check Point is unable to come up with a custom security silicon solution?

      Why dropping a packet takes much more effort than accepting it?

      Why FW performs inspection and manipulation on the traffic twice when crossing a security device?

      Some of the questions seem trivial, but although the answers are simple, many of my students struggle with those.

      So, the way I see it, advanced topics are all full of basic things, interconnected.