Fun With SPLAT, VMware, and IPSO
Seeing as how I have my Check Point CCSE again, and it’s likely I’m going to be working for Check Point at some point in the near future, I figure it’d be worth my while to get a “proper” Nokia firewall going again. I opted for the following:
NGX R65 HFA_40 SmartCenter on Secure Platform (SPLAT) installed in a VMware VM
NGX R62 HFA_01 firewall installed on a Nokia IP260
Yes, I realize that R62 is going EOL in May. However, the IP260 is by far the quietest machine I have around here, and if I’m going to have it on all the time, I want it quiet. That’s another reason I went with a management station in a VM: the machine the VM runs on is relatively quiet.
To frame my experience properly, it’s probably worth reiterating some facts:
At some point in my life, I was considered an expert on the Check Point VPN-1 product. Maintaining an FAQ and writing two books on the product gives people that impression, even today 
The last time I did anything serious with Check Point was back in the NG AI days, which is about where my second Check Point Firewall-1 book goes up to. In other words, roughly 5 years ago.
I currently maintain the knowledge base for Nokia’s Security Appliance Business which, unsurprisingly, has a lot of Check Point-related stuff in it. Yes, I read a lot of stuff about the product even though I haven’t got a lot of recent, practical experience with the product.
I have never, prior to the CPUG University class I took recently, even seen SPLAT, much less installed it on anything.
With these facts in mind, I created a blank VM and loaded up the SPLAT ISO. How hard can it be, I figure?
I got an email from the 
