Technical Sessions

With Check Point's release of R70.1, there have been numerous improvements and a new focus on the operational and change management aspects of Firewall Operations Management. This presentation will demonstrate some of the new elements within the SmartConsole that have been improved in R70.1, as well as some old but not recognized features, all of which are designed to make a Firewall Admin's job easier. The second half of the presentation will examine Check Point's SmartWorkflow Blade, showing its strengths and weaknesses and comparing it to other change management and workflow technologies.

Presenter:  Robert Mitchell, CCSE+, owner and CEO of PureSecurity Pty Ltd, a Check Point Focused Security Consultancy and MSP in Sydney, Australia.

Duration:  90 minutes

On the CPUG discussion board, he is "Thorpuse".

Robert Mitchell will explain the current state of affairs with the new R70 Software Blade Architecture, with a particular emphasis on an examination of whether the new architecture represents new functionality or is just another opportunity for a "License Upgrade".

Presenter:  Robert Mitchell, CCSE+, owner and CEO of PureSecurity Pty Ltd, a Check Point Focused Security Consultancy and MSP in Sydney, Australia.

Duration:  60 minutes

On the CPUG discussion board, he is "Thorpuse".

Würth ITensis CEO Mr. John Fisher will give us a virtual tour of the Würth data center in Chur.  He cares so much for the security of his customers and systems that CPUG conference attendees aren't even allowed in!  As compensation, he'll be showing us lots of photos and talking about their various security policies and procedures.

Presenter:  Mr. John Fisher, CEO of Würth ITensis, in Chur, Switzerland

Duration:  60 minutes

Crossbeam, like Nokia, Check Point and Resilience, makes platforms for Firewall-1/VPN-1.The architecture of the X-series platform allows the implementation of a highly redundant load balanced firewall cluster. Carsten Löhn will discuss the basic concepts of that architecture and demonstrates the basic steps from the blank system to a running firewall cluster.

Duration:  60 minutes

Presenter:  Carsten Löhn is Senior Trainer and Consultant at ExperTeach GmbH in Germany.

Business units regularly make firewall change requests:  Often tens to hundreds of change requests per week.  The process of meeting the requests is complex:  It involves multiple people in different organizations, it involves several approvals and checks, and it is subject to audit and regulation.  Many organizations do have a "change management system" in place - but such workflow or ticketing systems are focused only on process administration, and do not have insight into the specifics of firewall changes.

In this presentation, Dr. Wool will describe the AlgoSec method of dealing with rule base change control challenges by introducing - and showing a live demo - of the FireFlow system. FireFlow is an intelligent workflow system built specifically for the change process in network security devices.

Duration:  90 minutes

Presenter:  Dr. Avishai Wool, Co-founder and CTO of AlgoSec in Petach Tikva, Israel

In this presentation we're covering troubleshooting for the common problems in a Check Point environment.

• Learn how to use command line tools to see the health of your system and if your network is working correctly.
• Have a look at your firewall operations using fw monitor and see what you can do when your VPN fails.
• The best way to open Service Requests with Check Point, so that you can provide the most useful information to the supporters to solve your problem.
• We'll also have a look backstage and see how the TAC is organized and how escalations can be done.

Duration:  120 minutes

Presenter:  Tobias Lachmann, CCSE+, is a Technical Consultant with MCS Moorbek Computer Systeme in Hamburg, Germany and has over eight years of experience with Check Point Products.

Valeri Loukine will give us a first look at the SecurePlatform Provisioning tool and compare it to Nokia Horizon Manager.

Presenter:  Valeri Loukine, CCMA, Senior Security Engineer at Dimension Data in Switzerland.

Duration:  60 minutes

On the CPUG discussion board, he is "varera".

SecuRemote and SecureClient are now scheduled for EOL (End-of-Life).  Robert Mitchell will give a demonstration and discussion of the Check Point technologies replacing these old favorites:

• Endpoint Connect:  What it has and (more importantly) what it doesn't have.
• SNX
• Connectra (or whatever it's R70 equivalent is)

Presenter:  Robert Mitchell, CCSE+, owner and CEO of PureSecurity Pty Ltd, a Check Point Focused Security Consultancy and MSP in Sydney, Australia.

Duration:  60 minutes

On the CPUG discussion board, he is "Thorpuse".

While a VPN-1 gateway cluster requires a distributed installation with a separate SmartCenter, the new UTM-1 appliances relieve this prerequisite.  Now you can have a gateway cluster with SmartCenter installed and enjoy also free management high availability.  The migration from a distributed installation to UTM-1 appliances is somewhat tricky, though.  This presentation will show you how it's done and what you need to think of while doing it yourself.

Duration:  60 minutes

Presenter:  Tobias Lachmann, CCSE+, is a Technical Consultant with MCS Moorbek Computer Systeme in Hamburg, Germany and has over eight years of experience with Check Point Products.

The number one complaint by Check Point administrators is how much time and resources are consumed trying to understand Check Point product licensing and then fighting with Check Point over those licenses.  And then it seems within months they'll completely restructure the licensing and rename many products in the process.

Valeri Loukine will explain the current licensing scheme, discuss optimal strategies for managing your licenses, and try to identify themes to better prepare for the next major licensing restructuring.

Presenter:  Valeri Loukine, CCMA, Senior Security Engineer at Dimension Data in Switzerland.

Duration:  60 minutes

On the CPUG discussion board, he is "varera".

Valeri Loukine is Switzerland's first CCMA (Check Point Certified Master Architect).  He'll tell us about the process of earning Check Point newest and most advanced technical certification.

Presenter:  Valeri Loukine, CCMA, Senior Security Engineer at Dimension Data in Switzerland.

Duration:  60 minutes

On the CPUG discussion board, he is "varera".

Now that Check Point has purchased the Nokia IPSO line of security appliances, they have an opportunity to retain the best features from both platforms.  Valeri Loukine will analyze the strengths and weaknesses of both operating systems and show what he'd like to see in the final merger.

Presenter:  Valeri Loukine, CCMA, Senior Security Engineer at Dimension Data in Switzerland.

Duration:  60

On the CPUG discussion board, he is "varera".

It took many years, but IPSec is now the established standard for VPN's over the Internet.  Check Point's new Community-based method for VPN configuration has eliminated many of the difficulties, but the underlying algorithms remain fascinating.  Yasushi will answer these questions, and more:

Why is there no Phase III?

"Stateless", or "Puzzles"?

Yasushi says he won't be giving these answers until the end of his presentation because he wants to maintain "Perfect Forward Secrecy".

Yasushi will also be presenting an Excel spreadsheet for calculating and experimenting with the Diffie-Hellman Key Exchange.

Duration:  90 minutes

Presenter:  Yasushi Kono, Senior Technical Consultant at ComputerLinks GmbH in Dreieich (Germany)。

On the CPUG discussion board, he is "Yasushi Kono".

According to Gartner's Magic Quadrants, Check Point and Juniper are the two leaders in this market segment.  Yasushi Kono will compare and contrast these two product and help us understand some fundamental underlying differences.

Duration:  90 minutes

Presenter:  Yasushi Kono, Senior Technical Consultant at ComputerLinks GmbH in Dreieich (Germany)。

On the CPUG discussion board, he is "Yasushi Kono".

While rather old technology in Firewall-1/VPN-1, Authentication can still be useful.  Carsten Löhn will compare and contrast User, Client, and Session authentication and discuss the configuration details.

Duration:  90 minutes

Presenter:  Carsten Löhn is Senior Trainer and Consultant at ExperTeach GmbH in Germany.

We will review the logic behind Object Filler and Object Dumper version 2.4 (the latest available), including the different options the tools have, what the best use for them is, and what to do if you get stuck in a problem.  We will discuss, among other points:

• Scripting network object creation
• "Dumping" SmartCenter Server configurations
• Why do we have different file types supported
• Working with SmartCenter Servers
• (If time allows) Basic things to look at when Working with Provider-1
• Capabilities when converting from other firewall brands to Check Point

Duration:  120 minutes

Presenter:  Martín Hoz is Systems Engineering Manager, Latin America, with Fortinet.

Real life experience shows that firewall administrators spend too much time on labor intensive, repetitive tasks. Tufin's CTO, Reuven Harrison, will present the new tools that automate these tasks. Specifically, we will focus on change management, firewall deployment and rule base maintenance. Our goal is to demonstrate how firewall administrators can free up their time so they can focus on security architecture and strategy rather than mundane operations.

Duration:  60 minutes

Presenter:  Reuven Harrison is CTO at Tufin Technologies

Simon Desmeules will discuss the importance of High Availability and will show how Resilience Security Gateway platforms can provide much more visibility and failure monitoring than a standard Security Gateway.

Duration:  60 minutes

Presenter:  Simon Desmeules is Senior Systems Engineer at Resilience

Sooner or later, many large organizations will realize they're buying and maintaining far too many SmartCenter Servers and trying to keep organization-wide objects synchronized in all of them.  At this point, the thought of migration to Provider-1 comes into the picture.

Valeri Loukine will draw on his years of experience and discuss the important tips and tricks for completing this complex upgrade with the least amount of trouble.

Presenter:  Valeri Loukine, CCMA, Senior Security Engineer at Dimension Data in Switzerland.

Duration:  120 minutes

On the CPUG discussion board, he is "varera".

Valeri Loukine will walk us through many undocumented techniques and let us benefit from his years of experience.

Presenter:  Valeri Loukine, CCMA, Senior Security Engineer at Dimension Data in Switzerland.

Duration:  60 minutes

On the CPUG discussion board, he is "varera".

Robert Mitchell will give a full demonstration on Eventia: what it is, what does it do, what are the hardware requirements, and what are the cost and licensing requirements.

Presenter:  Robert Mitchell, CCSE+, owner and CEO of PureSecurity Pty Ltd, a Check Point Focused Security Consultancy and MSP in Sydney, Australia.

Duration:  60 minutes

On the CPUG discussion board, he is "Thorpuse".

We will look at the general methods of kernel debugging and see, how it can be done for specific parts of the Check Point environment. Check out the advanced use of fw monitor and the analysis of the captures files with graphical tools like Wireshark. Learn how to troubleshoot UTM-1 Edge appliances as well as SmartCenter or GUI problems.

Duration:  120 minutes

Presenter:  Tobias Lachmann, CCSE+, is a Technical Consultant with MCS Moorbek Computer Systeme in Hamburg, Germany and has over eight years of experience with Check Point Products.

Sit down with a group of very experienced and knowledgeable experts and get your questions answered.

Moderator:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

Duration:  60 minutes

On the CPUG discussion board, he is "BarryStiefel"