Nov 182016
 

SandBlast is wonderful

In my humble opinion, SandBlast Threat Emulation is one of the most effective software blades Check Point has ever built. I saw it rescuing some customers asses in the zenith of Locky & Co.

It is very smart with SMTP and filters out malicious mails in a wonderful way. Nearly one year ago one of our customers was heavy under attack with malicious PDFs coming in to about 1,500 different end users within 10 minutes. The file hash was changing nearly every fifth file. I could easily spot this from SmartLog.

Nothing bad happened to the customer besides some time of mail congestion, but every little piece of malware was sorted out by Check Point SandBlast Threat Emulation. Wonderful, really wonderful. Continue reading »

Nov 172016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU 5200 (Thanks to Magnus Holmberg)
  • CPU 3200 (Thanks to Thomas R.)
  • CPU/Mem TE2000X HPP (Christoph Murth)

Continue reading »

Nov 012016
 

Today I learned something astonishing about cache implementation.

What I thought before: When I have a cache with 20,000 entries and it fills up, I would define two marks. Let’s call them “high watermark” and “low watermark”. When the number of entries reaches the high watermark I will start to delete the most unused entries until we reach the low watermark. Let’s call this process “garbage collection”, furthermore.  Continue reading »

Oct 102016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU 23800 (Thanks to Derek O’Flynn)
  • CPU 5800 (Thanks to Iris Michelsen)
  • CPU TE100X (Thanks to Markus Malits)

Continue reading »

Sep 062016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU 5600

Continue reading »

Aug 202016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU 15400 (Thanks to Tony)

Continue reading »

Aug 032016
 

We have made Check Point Security Checkups for many of our customers or sales prospects. This is done via a mirror port configuration (sk83500: How to run a Mirror Port Proof of Concept) of a firewall gateway together with a security management server and SmartEvent.

Today Check Point announced a new R80 version of the Security Checkup in the Cloud (sk112732). This made me curious.  Continue reading »

Aug 012016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU 23500 (Thanks to Umut Kiran)

Continue reading »