Month: January 2012

Check Point Firewall – Nokia IPSO CST Hanging or Taking Forever?

Is your Nokia IPSO CST Not finishing? Trying to run a CST on your Nokia, but seems to be taking forever? I have had the same issue on various Nokia security appliances running on IPSO 4.2 and older. The problem ended up being hung process that was spawned by the CST program. It seems that…

Read More »

Check Point Firewall – Detect SSH over Non Standard Ports

Many enterprises deploy proxies these days, but many are not aware that if they are not configured correctly, they may be allowing tunneling through certain protocols, and in essence, giving a tech savvy employee the keys to exploit this fault. Most times this is SSH over HTTP/HTTPS, but can also be over other ports, which…

Read More »

Check Point Firewall – Interfaces Reordered Upon Upgrade

A few days ago, one of our Check Point IAS M6 Firefly equiped, R70.20 Splat clusters, had a member fail due to “PLANAR VOLTAGE FAILURE”, so says the IBM iLO event log. Since this is not solved by a simple power supply replacement, so an RMA replacement unit from Check Point was obtained. The new…

Read More »

Check Point Firewall – Backup vs Snapshot

Backup procedures Check Point provides three different procedures for backing up (and restoring) the operating system and networking parameters on your appliances. • Snapshot (Revert) • Backup (Restore) • upgrade_export Each of these procedures backs up certain parameters and has relative advantages (such as: file size, speed, and portability), which are fully described in this…

Read More »

Blue Coat ProxySG – ICAP, deferred scanning, and data trickling

Recently I was digging into a BlueCoat ProxySG / ProxyAV setup for ICAP and noticed some things that had room for improvement. Not a major overhaul, but some things that were missed from the best practices guide that just so happened to be causing a bit of an issue. Below is part of the small…

Read More »