Archive for:

When discussing computer security with people, something I often bring up is this very simple equation:

What this means is that

…

For a while now, the family computers were connected to the Internet using a couple of WiFi routers: one was in a WDS Mesh with my router upstairs …

One of the things I will not miss about working for Nokia is all of the crap that the IT department loads on the company laptops. Aside from all the end-user apps, there were different programs for:

Firewall (it wasn’t the …

Over my 10 years in Nokia’s Security Appliance Business, I have met a lot of people. Many of these people worked in the business and moved onto other areas of Nokia. Others were the direct result of my “poking around.” …

While I know Kellman is going to write about his troubleshooting presentation at CPX (I looked through it, was pretty comprehensive), I wanted to borrow a slide from his presentation that I believe

…

One of the things that is making this transition to Check Point Software easier is the community of people that support, use, and sell what used to be called Firewall-1, but now goes by a few different names and offers …

Seeing as how I have my Check Point CCSE again, and it’s likely I’m going to be working for Check Point at some point in the near future, I figure it’d be worth my while to get a “proper” Nokia firewall going again. I opted for the following:

NGX R65 HFA_40 SmartCenter on Secure Platform (SPLAT) installed in a VMware VM
NGX R62 HFA_01 firewall installed on a Nokia IP260

Yes, I realize that R62 is going EOL in May. However, the IP260 is by far the quietest machine I have around here, and if I’m going to have it on all the time, I want it quiet. That’s another reason I went with a management station in a VM: the machine the VM runs on is relatively quiet.

To frame my experience properly, it’s probably worth reiterating some facts:

At some point in my life, I was considered an expert on the Check Point VPN-1 product. Maintaining an FAQ and writing two books on the product gives people that impression, even today
The last time I did anything serious with Check Point was back in the NG AI days, which is about where my second Check Point Firewall-1 book goes up to. In other words, roughly 5 years ago.
I currently maintain the knowledge base for Nokia’s Security Appliance Business which, unsurprisingly, has a lot of Check Point-related stuff in it. Yes, I read a lot of stuff about the product even though I haven’t got a lot of recent, practical experience with the product.
I have never, prior to the CPUG University class I took recently, even seen SPLAT, much less installed it on anything.

With these facts in mind, I created a blank VM and loaded up the SPLAT ISO. How hard can it be, I figure?

If you’re looking to get your Check Point CCSA and CCSE certifications, I can’t think of a better way to do it than going and taking your training from CPUG University. This 6-day boot camp, class taught by Barry …

I got an email from the National Science Foundation regarding an interesting technology they used to watch all the surveillance cameras at President Obama’s inauguration. According …

Long before I was a security geek, I was a systems administrator. Oh sure, security goes with the territory when you’re a systems administrator, but it’s only one aspect of the job.

Needless to say, I’ve maintained email servers as part …