Check Point Firewall Appliances

Yuri Slobodyanyuk yuri at
Fri Dec 21 07:33:58 UTC 2012

Having a love-and-hate relationship with Checkpoint firewalls after working
for 6 years daily with them I am
probably biased :), but will say they are great firewalls once you know to
work with them .
If you are completely new to it I'd recommend Checkpoint CCSA/CCSE from
accredited APT course as the shortest path ,
- CBT Nuggets CCSA course , but last time I checked it was for NGX R65 that
is substantially
  different from current versions, only if you can get it really cheap
- Documentation from Checkpoint site (freely available to everyone) is the
start-all end-all source (I did it
this way) takes time but in the end you will have a through understanding
of the product
- Online is a good place once you know the basics. If, on the other hand,
you don't know to do manual port-forwarding , Google will only suck your
time. But for problems/inconsistencies/debug : - Independent forum where you can always find advice
from many knowledgeable and helpful folks ; Same goes here - people who can
configure route-based VPNs with policy-based routing with closed eyes hang
around here Official support forums from Checkpoint,
less active than 2 above


On Wed, Dec 19, 2012 at 9:35 PM, Blake Pfankuch <blake at> wrote:

> Howdy,
>                 I am just getting into an environment with a large Check
> Point deployment and I am looking for a little bit of feedback from other
> real world admins.  Looking for what people like, what people don't (why
> hopefully).  Also for those of you who might run Check Point devices in
> your environments what to dig into first as far as getting more experience
> on the devices and a better understanding of how not to break them.  I am
> slowly going through all of the official documentation, but would also like
> to hear a real world opinion.
> Thanks in advance!
> Blake

Taking challenges one by one.

More information about the NANOG mailing list