Thank you! Am not sure what i should say about that, when i did take the CCSA course it was 3 days so way to short to actually cover everything and allow for labs, i think this playlist is like 40hours :D Good luck in taking the CCSA if you not already took it.

@@MagnusHolmberg-NetSec I completed the CCSA exam and course over a year ago now. However, i'm actually a network engineer, rather than a security engineer. In my previous position only 15% of my job was managing firewalls, so I forgot a lot of the tasks after awhile. When you dont use it you lose it as they say.

@@marcooconnor aha then videos is a great way to keep up to date :)

Thank you for watching all the videos Rizwan :) Antispoofing in tomorrows video.

Will do! most likely on R80.40 or higher as R80.30 and below is no longer supported.

Hi, Thank you :) Is it the same hardware, meaning its like an RMA unit? or is there a diff in the physical hardware. because a snapshot takes a backup of everything more or less a copy of the disc. Or is the plan to actually do an upgrade with new better hardware? Snapshot Management The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system. Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported. The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be saved. System Backup (and System Restore) System Backup can be used to backup current system configuration. A backup creates a compressed file that contains the Check Point configuration including the networking and operating system parameters, such as routing and interface configuration etc., but unlike a snapshot, it does not include the operating system, product binaries, and hotfixes. Save Configuration (and Load Configuration) Allows saving Gaia OS configuration settings as a ready-to-run CLI script. This allows you review your current setup and quickly restore the Gaia OS configuration.

@@MagnusHolmberg-NetSec hi Magnus, I'm referring to same appliance or if RMA is being done 😊

OK, i would not remove the node member from the cluster in smartconsole. It will be enough with just re-sic it. Then u dont need to fix the topology and such again :) I am normally abit careful so i try to avoid having the production VLAN active on the ports to the new member before i see that i can add it to the cluster, (meaning i normally have SYNC interface up) and then we normally use dedicated interfaces for mgmt. And honestly when it comes to small boxes (none VSX) i just reinstall them from scratch (with blink image) and add the configuration file, then i dont need to be worry that it will take over anything as the new box is not aware of the cluster ip. we try to not have any kind of special configuration on our boxes. Replacing a box then is done in a few min :)

your welcome :)

I have put 2 of them on checkmates, under how to videos. I didn’t want to spam the forum with videos :) but maybe should post a few more of them

Hi, am not aware of any CLI command, so it’s not like VRRP or similar where u give the cluster node a number. I believe that the only place you can check it is within the GUI and the priority is top down in the cluster member list. “ If cluster object is configured as Switch to higher priority Cluster Member, it means that Cluster Member with the highest priority always has to be Active. Cluster Member with the highest priority is the Cluster Member that appears at the top of the list in Cluster object > Cluster Members pane. If the Cluster Member with the highest priority fails, cluster failover occurs. A peer Cluster Member in Standby state, with the next highest priority, becomes Active. If the Cluster Member with the highest priority recovers, cluster failover occurs again. The Cluster Member with the highest priority becomes Active again. The Cluster Member with the next highest priority that was Active, returns to the Standby state. “

failover is on the complete box, all interfaces, including towards internet

This video is part of a multistep serie, so just check the playlist and you will find the installation and setup.

Not really CCSA stuff you are asking about ;) 1: Pnote are "problem notification" stuff that is monitored and if this is incorrect it will cause a failover. 2: Pivot is the member in the cluster that take decition on what cluster member should process traffic. sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ClusterXL_AdminGuide/Topics-CXLG/Load-Sharing-Modes.htm 3: chpaprob -a if will should you how the CCP is setup. 4: havn´t made any videos about that. 5: securexl is used to accelerate traffic, and diff traffic is manage in diff way. there are some great post in community that explains it in detail. community.checkpoint.com/t5/General-Topics/R81-x-Security-Gateway-Architecture-Logical-Packet-Flow/td-p/41747

@@MagnusHolmberg-NetSec Thanks for ur reply sir. Given article for 2nd point is superb. There is a clear explanation in regards to all. Only thing which still baffles me is how that decision is taken ? Is it based on some algorithm which only checkpoint knows ? Regarding 5th point for secure xl, I need complete explanation of it. U have given packet flow part of it, can u point to any article or video which explains secure xl in detail ??

@@vinodsrinivasan9077 supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153832

hehe you mean like an official course completion certificate :) ? Sadly nothing that can be provided via youtube. I hope you did like the videos and learned something atleast :)

@@MagnusHolmberg-NetSec No, I just wanted to share with you the image of the configuration I made of SmartConsole with Manager and Gateways

Cluster XL active / active is supported in r80.40 “New ClusterXL mode: Active-Active ,supports running several cluster members in ACTIVE state, each member is a part of a separated routing domain and handles its own traffic, redundancy is kept during failover.” supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk160736&t=1621391102325

For sync keep in mind that you need to go in to smartconsole and make the topology and specify what should be sync interface, and what is cluster xl interfaces

my recommendation is to do this with SNMP monitoring. You can also see the following post. community.checkpoint.com/t5/General-Topics/Monitoring-standby-member-in-a-cluster/td-p/25584

Hehe ye i will try to make something about it. I promised to start with the MDS and VSX stuff under november. It will be abit more advance then CCSE as those products are actually not within the certification track för CCSE.

@@MagnusHolmberg-NetSec thanks a lot sir..