Thursday, February 28, 2013

Could not push policy from R75.40VS to R67.10 VSX

A customer of mine could not install policy to a Virtual System on R76.10 VSX cluster after upgrading MDM servers to R75.40VS.

Policy verification was failing with multiple errors (some data removed):

INTERNAL ERROR in execval: optimization disabled: displacement too large
INTERNAL ERROR in execval: optimization disabled: displacement too large
ERROR: Table or domain are not allowed here
ERROR: table '<'quota_table'>' has no predefined format
ERROR: table '<'quota_table'>' has no predefined format
Compilation failed.
Operation ended with errors.

The messages look quite scary, but no worries.  The key here is quota_table.

In fact it is an old error from 2007, related to Network Quota being enabled in IPS profile. Disabling Network Quota fixes the issue. Check Point has SK32549 for that.

Although it is something known for long, I am wondering why it has been surfaced only after MGMT part being upgraded. 

Please let me know if you encountered this issue as well.

Monday, February 25, 2013

Check Point Security Report 2013 reveals scary picture

If you did not look into 2013 Security report done by Check Point, it is probably a good time to do so.
The document reveals quite disturbing figures: above 60% of networks are infected with bots. About the same amount of "protected" networks is open for P2P. More than half of organisations have DLP accidents. And so far, and so on.

Thursday, February 14, 2013

Wednesday, February 6, 2013

Tuesday, February 5, 2013

User Center application for iPhone

If you are dealing with Check Point UserCenter on a daily basis, you might appreciate new Check Point iPhone app.

It allows you to search SecureKnowledge, access your support requests, see the latest security alerts and browse App Wiki.