Check Point Firewall Appliances
Yuri Slobodyanyuk
yuri at yurisk.info
Fri Dec 21 07:33:58 UTC 2012
Having a love-and-hate relationship with Checkpoint firewalls after working
for 6 years daily with them I am
probably biased :), but will say they are great firewalls once you know to
work with them .
If you are completely new to it I'd recommend Checkpoint CCSA/CCSE from
accredited APT course as the shortest path ,
Alternatives:
- CBT Nuggets CCSA course , but last time I checked it was for NGX R65 that
is substantially
different from current versions, only if you can get it really cheap
- Documentation from Checkpoint site (freely available to everyone) is the
start-all end-all source (I did it
this way) takes time but in the end you will have a through understanding
of the product
- Online is a good place once you know the basics. If, on the other hand,
you don't know to do manual port-forwarding , Google will only suck your
time. But for problems/inconsistencies/debug :
http://cpug.org - Independent forum where you can always find advice
from many knowledgeable and helpful folks ;
http://www.cpshared.com/forums/ Same goes here - people who can
configure route-based VPNs with policy-based routing with closed eyes hang
around here
https://forums.checkpoint.com/ Official support forums from Checkpoint,
less active than 2 above
HTH
Yuri
On Wed, Dec 19, 2012 at 9:35 PM, Blake Pfankuch <blake at pfankuch.me> wrote:
> Howdy,
> I am just getting into an environment with a large Check
> Point deployment and I am looking for a little bit of feedback from other
> real world admins. Looking for what people like, what people don't (why
> hopefully). Also for those of you who might run Check Point devices in
> your environments what to dig into first as far as getting more experience
> on the devices and a better understanding of how not to break them. I am
> slowly going through all of the official documentation, but would also like
> to hear a real world opinion.
>
> Thanks in advance!
>
> Blake
>
--
Taking challenges one by one.
http://yurisk.info
More information about the NANOG
mailing list