Check Point CCSE Notes

Following my post on Check Point CCSA Exam notes, in this post I’m gonna write notes on CCSE exam. Though this time I won’t fall into configuration and try to only point out the more important and real-world-applicable things.

Management Server HA

  • When adding a new Check Point host as a Secondary Management Server, do not Initialize SIC before selecting Network Policy Management feature!
  • After adding the host, save and Install the policy; synchronization will then work.

As a reminder, whenever you reset the SIC for a Gateway from Management Server, it should be re-initialized from the Gateway by cpconfig; don’t forget to exit cpconfig!

ClusterXL

Check Point calls its clustering solution ClusterXL which supports up to 8 Cluster members and can be implemented in two main flavors:

  1. Load-sharing
    • Multicast mode: 50/50, very efficient and excellent performance
    • Unicast mode: 70/30, to be used in environments where an intermediate device has issues with multicast MAC address (IGMP Snooping)
  2. High Availability (HA)
    • New Mode: Each member has its own physical IP address
    • Legacy Mode: Both members have the same physical IP address

To make kernel changes permanent, they should be written in $FWDIR/modules/fwkern.conf

Continue reading “Check Point CCSE Notes”

Share this!

DRBD with Cluster File System on Debian Jessie

Hi,

I’m Sina Moghaddas, and this my first post as a co-author to my brother ?

In this post, I am going to show you how to setup DRBD with OCFS2.

DRBD® refers to block devices designed as a building block to form highly available (HA) clusters. This is done by mirroring a whole block device via an assigned network. DRBD can be understood as a network based raid-1.

OCFS2 is a general-purpose, shared-disk, clustered filesystem for Linux, which is capable of providing both high performance and high availability.

ok, here we go ?

Continue reading “DRBD with Cluster File System on Debian Jessie”

Share this!