You may experience issues like a Check Point installation not being responsive (processes not started, etc.) and your dmesg, messages, $FWDIR/log/fwd.elg and fwm.elg may be filled with all sorts of error messages indicating the lack of files or not being able to create files. In general it behaves in such a way you’ll think “I […]
You may want to automatically enter expert-mode when logging onto your GAiA firewall and this article aims to provide necessary configuration steps to achieve just that.
If you would like to increase the timeout for a specific service, rather than globally (Global properties > Stateful inspection) which is 3600 seconds, you can do that on a given service. In the GUI open a service, click on advanced and enter desired session timeout.
CheckPoints new blade will be released Q1 2012 and is aimed to handle infected machines in the network, despite this being an Endpoint problem rather than a network problem. The blade will identify bot-traffic passing through the security gateway and stop it, be it C&C-communication, spam or transfer for sensitive data. The blade also has […]
On the 5th of October, CheckPoint announced new appliances to unify the IP, UTM and Power-series into one product line: The CheckPoint 2012 appliances. 7 new models were released, and started shipping, today; 1 low-end branch-/small office: 2200 series 3 enterprise-grade appliances: 4200, 4600 and 4800 series 3 datacenter appliances: 12200, 12400 and 12600 series […]
Previously, throughput of an appliance was the only performance-numbers presented by CheckPoint and it was close to useless in terms of determining if the appliance is powerful enough to support your needs. The reason for that was due to the fact the performance-numbers were based on lab conditions using only firewall security and one firewall […]
There can be several reasons for configuring users to automatically enter expert-mode upon login, two of which may be: – You have several administrators and you want to keep the expert-password secret. – You can’t be bothered to type expert and then another password to enter expert mode. Create the user, using adduser if needed. […]
One of the questions I’ve asked myself when troubleshooting SPLAT-installations were “What NICs are in this box?”. Seeing how it is built on RHEL the answer wasn’t too difficult to find, but I’ll put it here nontheless – just in case someone stumbles along looking for the answer to that exact question. =)