Wednesday, September 6, 2017

Your ultimate landing page for Advanced Tech Reference Guides


Check Point SecureKnowledge database is vast. It has hundreds of thousands of articles and documents. Sometimes, it takes a bit of an effort to find there what you are looking for.

Yet, it sometimes yields fantastic results. Here is something you may want to add to your bookmarks: a landing page for accessing ATRGs - Advanced Technical Reference Guides.

So far, it has links to 36 ATRGs. Whenever you want to learn a feature in depth, this is something you want to visit.

Also, it now has three new documents:



 Many thanks to Sergei Shir for sharing this information.

-----------
Support CPET project and this blog with your donations to https://www.paypal.me/cpvideonuggets 

Posted by at No comments:
Labels: ,

Monday, August 7, 2017

Capsule Docs on Mac? Forget about it...

Last year I was writing about my rather unpleasant experience around Capsule Docs on Mac. It is time to add another chapter to that story.  

I have made yet another attempt to use the tool on Mac. With my 10.12.6 Sierra machine it fails even more miserable than before. With the latest client (still Alpha, mind you!), I cannot even open a document.




Although I am logged in and even can open the same document on Windows with the same credentials, I am getting "Insufficient permissions"...



How hard can it be, really? What should happen for Check Point to start getting Mac user seriously?

In case you ask, the only reason for me to even touch Capsule Doc Viewer is that Check Point Education Services discontinued paper courseware, forcing both students and instructors to use e-kits with Capsule Docs protection. I will address this subject later on.

-----------
Support CPET project and this blog with your donations to https://www.paypal.me/cpvideonuggets 


Posted by at 9 comments:

Sunday, July 30, 2017

CPET session 3 - video is published

Thanks all who could join.

The session subject is Kernel Debug, best practices


-----------
CPET project relies on your support. 
Participate in the talks and help us with your donations to https://www.paypal.me/cpvideonuggets 
Follow us on Facebook and Twitter. 
Posted by at No comments:
Labels: , , ,

Friday, July 28, 2017

Do not miss CPET live session this Sunday

Time and link details are here


-----------
CPET project relies on your support. 
Participate in the talks and help us with your donations to https://www.paypal.me/cpvideonuggets 
Follow us on Facebook and Twitter. 


Posted by at No comments:
Labels: , , , ,

Wednesday, July 26, 2017

Turning out of state drops on and off on your gateways without pushing policy

One of the regular issues I help my customers resolving is about out of state drops. there might be multiple causes, and those should be addressed by proper troubleshooting and network configuration changes.

However, there are cases when you just need a quick fix before addressing the root case of the problem.

The classic way to do that is to change Global Properties settings on your management and to install policy. The biggest problem with that approach is that the settings are global and will affect all FWs in the security domain after a policy push.

But no worries, there is a way around it, described in SK117374. Fw kernel has two parameter that define out of state drops for TCP and ICMP:

fw_allow_out_of_state_tcp
fw_allow_out_of_state_icmp

For example, by running fw ctl set int fw_allow_out_of_state_tcp 1  you can allow TCP traffic to pass through. Setting the same parameter to 0 will start dropping out of state TCP again.


-----------
Support CPET project and this blog with your donations to https://www.paypal.me/cpvideonuggets 
Posted by at No comments:
Labels:

Tuesday, July 25, 2017

R80.10 debug documents are now public

Check Point has published a set of new documents describing kernel modules and debug flags, SecureXL and CoreXL debug details in R80.10. 

 Although the documents are public, to download them you will need to log in to User Center.

 Kernel Debug flags - R80.10 http://downloads.checkpoint.com/dc/download.htm?ID=56864 SecureXL Debug Flags - FWAccel (R80.10) http://downloads.checkpoint.com/dc/download.htm?ID=56865 SecureXL Debug Flags - SIM (R80.10) http://downloads.checkpoint.com/dc/download.htm?ID=56866

 Special thanks to Sergei Shir for this publication.



-----------
Support CPET project and this blog with your donations to https://www.paypal.me/cpvideonuggets 
Posted by at 2 comments:
Labels: ,

Sunday, July 23, 2017

CPET session 3 - it is on!

The next Check Point Expert Talks session will take place on Sunday 30th of July at 14:00 CET. You have chosen Kernel Debug Best Practices as the topic.

The session is limited to 100 participants. If you cannot join, video recording will be available later on.

To put the session in your calendar, use invitation link.

Otherwise, use this link information to join.

-----------
CPET project relies on your support. 
Participate in the talks and help us with your donations to https://www.paypal.me/cpvideonuggets 
Follow us on Facebook and Twitter. 




Posted by at No comments:
Labels: , , , ,
Subscribe to: Comments (Atom)