Join @indeni Tweet Sweep at CPX 2017

 Tweeting for prizes for CPX? Yes, please!

indeni is thrilled to participate in our fifth consecutive year at Check Point Experience (CPX). As one of the major firewalls indeni covers, we love connecting with the Check Point community year after year. In order to connect with each of you, we are kicking off the @indeni Tweet Sweep to open up the conversation even before CPX! Tweet at @indeni your answers to the weekly questions posted on our Guide to CPX and collect your prizes at our CPX booth!

@indeni Tweet Sweep of the Week:

What was your favorite CPX + indeni memory

from CPX 2016 in Chicago?

How can you participate?

Did you say prizes?!

  • 1 tweet = 1 indeni sticker
  • 3 tweets = 1 indeni T-shirt
  • 10 tweets = WIN A DRONE!
           (While supplies last)

How do I get my prizes?

  • Stop by our booth at CPX
  • Show us your tweets
  • Claim your prizes!!

Q: I am having trouble thinking of good tweets…

A: No Problem! Here are some ideas for this weeks Tweet Sweep:

  • @indeni I realized what it means to be truly proactive. Preloaded knowledge running around the clock versus a red light/green light. Thanks
  • @indeni I spoke with indeni’s CEO/founder, @yonadavl, about indeni’s knowledge around VPN Tunnels & expired contracts. Exciting work!
  • @indeni I took a selfie with the indeni team!
  • @indeni  who knew indeni could alert me to expiring licenses, learned that in their demo at CPX
  • @indeni  in a sea of blue smiley faces lies a change in how security and operational teams look at their environment.
  • I saw a great live demo at the @indeni  booth…the smiley face t-shirt was a great bonus, too!
    (Feel free to share a photo of you wearing your T-Shirt!)
  • @indeni the Nerf Guns still crack me up
  • Got drinks with @indeni  after day 2. The team is very knowledgeable and dedicated to their smiley face shirts!
  • @indeni  made the expo floor fun and stimulating. I am looking forward to seeing what they do this year!
  • @indeni  I spotted the indeni team at a Happy Hour by their Smiley Face T-Shirts. Great talking to a fun group of people!

In conclusion

CPX is 6 weeks away but the fun can start now! Check back for next week’s tweet of the week.

Good Luck!

Check out our Check Point solutions here.

Meet indeni in October

This October, we are hosting a few events across the east coast of the United States together with our partners. So, if you’re in the area, you are welcome to join:

  • Atlanta, GA – Sayers, Check Point and indeni are taking you shooting. Event details…
  • Boston, MA – Zensar, Check Point and indeni are challenging you with a puzzle. Event details…
  • Buffalo, NY – Netanium, indeni and others are getting you drinks. Event details… 

Looking forward to meeting you face to face!

Top Configuration Issues To Look Out For In Check Point Firewalls

We have been running a webinar for a while now that discusses the top configuration-related mistakes we see people making with Check Point firewalls. Some of the sessions I ran myself!

Since many attendees asked for a document detailing the tips, we thought we’d make it available here.

Top checks to run regularly on your firewalls (once a month or so):

  • Make sure NTP is not just configured but actually works. For example, in Gaia, you should go into clish, run “show ntp servers” and then go into expert mode. Once there, run “ntpdate -u <ntp_server_ip>” for each NTP server configured. Look for errors like “no server suitable for synchronization found”.
  • Compare static routing tables between members of a cluster. We suggest running “netstat -rn | wc -l” as a first step to see if the number of routes is the same.
  • Compare the CoreXL configuration across cluster members using “fw ctl multik stat”. Note that if your ClusterXL is in Ready state (shown in the output of “cphaprob stat”) it may be because the CoreXL configuration is different between the members of the cluster.
  • Compare the SecureXL configuration across cluster members using “fwaccel stat”. Note that the only other way for you to know there is a configuration difference is to see a massive spike in CPU usage on the secondary cluster member when it becomes active.
  • Make sure that no one has left debug on as it can really hog the CPU. To disable debug at the kernel level, run “fw ctl debug 0”. At the user level you need to use the “fw debug” command as described by Kellman Meghu.

In the webinar we go through a few more checks we recommend doing regularly. Come join us, it’s free!

Support for Palo Alto Networks Firewalls + Ignite 2016

The firewall market has been on fire (no pun intended) for several years now. The latest security incidents and the need for better solutions have resulted in innovation coming from most of the large firewall vendors. It also resulted in a startup, that just until a few years ago was considered a new entrant and unknown to most.

That startup is now a public company with tens of thousands of customers. That startup is Palo Alto Networks.

For us at indeni, it’s always incredible to watch what’s going on in the market. We strive to partner with all the manufacturers and provide preemptive maintenance for every single network device out there. It puts us in the interesting situation of seeing what’s going on, what customers are saying and who is deploying what (and in some cases, what they are replacing).

It truly is amazing.

As we’ve seen increased demand from the market to support Palo Alto Networks, we’ve decided it’s time to get it done. Palo Alto Networks have made a huge mark and are growing at an amazing pace, I must say that watching them is inspiring.

Therefore, I’m pleased to announce that support for Palo Alto Networks firewalls will be added to indeni in time for Ignite 2015. We will be there, look for us in the aptly named Innovation Alley.


The EIGRP Challenge #1

We’ve put together a few challenges because… well, we’re just fun like that. Here is the first of a few to come, show us how well you know EIGRP. Go!

A mid-sized company in New York hired a promising new network engineer — Jeff — after the previous network engineer retired. Intent on making a good impression, Jeff did some research and decided to implement EIGRP in the network that he’s looking after.

To his surprise and dismay, when he made, what he considered necessary configuration changes, the network stopped functioning! Angry users have started calling in from all over the organization. His manager and the Head of IT Operations want answers now.

Jeff has tried to find the problem by analyzing his monitoring systems, but the results only confirm that all routers are powered on and functioning properly.

What should he do?

Help Jeff locate and resolve the problem so that he can go home and watch the new season of Game of Thrones (and keep his job)!

Here is the topology of Jeff’s network:

The EIGRP Challenge The EIGRP Challenge

The first one to identify the problem, resolve it and provide an elegant solution will win a brand new Phantom Keystroker (so you could ”help” your work friends in future)!

How does the challenge work?

  • Download the GNS3 simulator from here.
  • Load the network topology from the EIGRP_CHALLENGE folder.
  • Power on GNS3 (c3640 is the IOS image you should be using).
  • BE THE FIRST ONE to solve all the issues in Jeff’s network. Prove that there is full coverage of EIGRP in the network by sending us a screenshot of the routing tables, and config files.

The winner will be announced on April 30th in the indeni community blog.

* Contest Rules