The Right Tools for the Job

Good tools are crucial for any routine, precise task, and network security is no exception. How can you improve your cybersecurity toolbox?

Moving to SNMPv3 at scale

The United States Computer Emergency Readiness Team released alert TA17-156A regarding the abuse of SNMP.

Security Updates: August 4, 2017

Check Point Gaia Management SecurePlatform IPSO: ClusterXL old or too-new arriving updates percentage is normal; Database revisions are set to automatically delete; ClusterXL old or too-new arriving updates percentage is normal; ICMP out of state drops are disabled on gateway; ClusterXL Avg missing updates per request under 20; Database revision control will not be deleted [...]

Security Updates: July 19, 2017

Check Point: Secure Internal Communication (SIC) is established; Fan speed is within normal levels; System temperature is high; CPU temperature is high; Power supplies are healthy; Free memory level is acceptable; More than 50% of packets are taking medium path; More than 50% of packets are taking slow path; ICMP inspection is enabled

Check Point Firewall – Find Your Top 5 Rules Used on the CLI

An easy way to find out your top 5 used rules in R76 and above from the CLI (command-line interface) on your Check Point firewall is to type cpstat blades. The command is not super intuitive, but it does produce results.

[Expert@CN-Gaia-A:0]# cpstat blades |grep -A9 "Top Rule"
Top Rule Hits
-----------------------
|rule index|rule count| [...]

Security Updates: July 10, 2017

Check Point: TCP start timer is default; Drop out-of-state ICMP packets; TCP session timeout is default; Drop out-of-state UDP packets; TCP end timeout is default; Drop out-of-state TCP packets; UDP session timeout is default; Log out-of-state TCP drops; ICMP session timeout is default; Log out-of-state UDP drops; Other protocol session timeout is default; Log out-of-state [...]

STDIN (Standard In) on Steroids

CyberSana provides a secure bridge into your infrastructure. The ability to type the same commands on multiple devices is used for triage, incident response, upgrades, baselines and general information gathering. Regardless of the destination, you can now easily send a command to all devices, to specific target groups or to individual devices.