Jul 282016
 

It seems that Check Point has changed its handling of Jumbo Hotfix Accumulators (JHFA) after many users experienced stability issues with JHFA in the beginning of 2016.

Long, long ago every customer with a support contract was able to download JHFA directly from the Support Center. Then Check Point changed the policy and you had to open a service request to gain access to a JHFA. Continue reading »

Jul 262016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU 15600 (Thanks to Maarten Sjouw)
  • CPU TE1000X
  • RAM for SandBlast Appliances from Product Catalogue

Continue reading »

Jul 252016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt to lachmannlist@fink.sh. I will try to update the list by time. Continue reading »

Jul 082016
 

Yesterday I worked in the home office. When connecting via Check Point VPN client to our company network I was presented a message that the certificate for the site changed. I clicked okay in the firm believe that I could easily verify this after the connection was established. (The reason was: I had to connect to the internal company network to get the sites fingerprint.) I really could verify the fingerprint – but “easily” was the problem. Continue reading »

Jul 252014
 

Mattermark lists the companies the Central Intelligence Agency (CIA) is invested in through its investment firm In-Q-Tel. Is the CIA trying to promote IT security or even more to get back doors to other networks. Who knows? I find these companies remarkable, In-Q-Tel invested in:

  • Cloudera
  • FireEye

One more interesting company is listed in the portfolio at the In-Q-tel website:

  • mongoDB

What are your conclusions?

Jun 242014
 

Anyone else annoyed with the speed of 115200 bps for the serial port on Check Point’s 1100 appliances? I am, because our terminal servers connect with 9600 bps. But this can be changed. Even if supportcenter.checkpoint.com does not offer any hint, the solution is quite simple:

  1. Get a connection to the appliance with 115200.
  2. Change to expert mode.
  3. Issue “fw_setenv baudrate 9600” there.
  4. Reboot.
  5. Connect with 9600.
  6. Enjoy.

To verify which baudrate you are using, issue “fw_printenv baudrate“.