CPUG CON 2008 EUROPE
The Check Point User Conference
September 8th - 9th, 2008
Chur ("Koor"), Switzerland

We're CPUG.
The User Group For The
 Check Point Community


Technical Sessions

These are "Groups", not "Tracks".  You can choose to attend whichever Technical Sessions you wish, from any group.   As we get closer to the conference, we'll specify time blocks for these sessions.

Group 1:  Firewall-1/VPN-1 Under The Hood
Group 2:  Technical Presentations By OPSEC Partners
Group 3:  How To Deal With Your Work And Regulatory Environment
Group 4:  How To Deal With Check Point
Group 5:  We Help Each Other Out


Group 1: Firewall-1/VPN-1 Under The Hood:

___101:  Live!  Zero Interruption Upgrade From R62 / IPSO 4.1 To R65 / IPSO 4.2
"A Live Demonstration Migrating A Nokia VRRP Cluster Without Any Disruption Of Already Established Connections"

Using live equipment and live connections, Yasushi will do a complete OS and Firewall-1/VPN-1 upgrade on a Nokia VRRP cluster, all the while maintaining uninterrupted connectivity, including existing connections.  Not even Check Point's documentation provides all the details on how to successfully complete this task.  All attendees will receive a detailed checklist to follow along and to bring home.

Presenter:  Yasushi Kono, CCSA/CCSE/CCSE+, Senior Technical Consultant at ComputerLinks GmbH in Dreieich, Germany, the biggest CheckPoint Partner in Europe

On the CPUG discussion board, he is "Yasushi Kono"

 

___102:  Networking Essentials For Firewall Administrators
"What You Need to Know Before the Packets Flow"

This session will be a fast one hour review of the most important underlying networking essentials for firewall administrators, including:

  1. Networking Protocols
  2. IP Protocols
  3. The OSI Seven-Layer Networking Model
  4. TCP And UDP
  5. IP Addresses, Subnet Masks and Routing
  6. Address Resolution Protocol (ARP)
  7. Putting It All Together

Even experienced administrators will find this refresher tutorial useful.  This talk has been extremely popular with advanced Check Point students.  Fill in the missing gaps in your skillset!

Presenter:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

On the CPUG discussion board, he is "BarryStiefel"

 

___103:  Integrating Active Directory with Firewall-1/VPN-1
"A Detailed Under-The-Hood Demonstration"

Reducing the count of user databases and moving towards Single Sign On (SSO) is a goal in many organizations.  Firewall-1/VPN-1 allows integration with your existing Active Directory / LDAP servers.

Yasushi will do the complete process from start to finish, including the tricky (and undocumented in the official courseware) process of extended the Active Directory schema via LDAP-SSL prior to integrating LDAP into your Secure Virtual Network.

Presenter:  Yasushi Kono, CCSA/CCSE/CCSE+, Senior Technical Consultant at ComputerLinks GmbH in Dreieich, Germany, the biggest CheckPoint Partner in Europe

On the CPUG discussion board, he is "Yasushi Kono"

 

___104:  NAT For Newbies (And Not So Newbies)
"All About NAT"

Most network and firewall administrators learn about Network Address Translation (NAT) by having the secrets passed down to them as part of the oral folklore of the IT Global Village.  This session will thoroughly explore the world of NAT, including:

  1. What is NAT?
  2. When Would I Use NAT, and Why?
  3. Security Implications of NAT
  4. Hide Mode NAT vs. Static Mode NAT
  5. Automatic Rule Creation vs. Manual Rule Creation
  6. Special Issues Including Routing and ARP
  7. Putting It All Together

Even experienced administrators will find this refresher tutorial useful.  Fill in the missing gaps in your skillset!

Presenter:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

On the CPUG discussion board, he is "BarryStiefel"

 

___105:  Integrating RSA SecurID Into Your Check Point Environment
"Why Re-Invent The Wheel?"

Yasushi will discuss the common problems and issues and step through the process.  Use your Firewall-1/VPN-1 Security Gateways as SecurID clients!

Presenter:  Yasushi Kono, CCSA/CCSE/CCSE+, Senior Technical Consultant at ComputerLinks GmbH in Dreieich, Germany, the biggest CheckPoint Partner in Europe

On the CPUG discussion board, he is "Yasushi Kono"

 

___106:  Tutorial And Demonstration On The New Disaster Recovery Features In Firewall-1/VPN-1
"Five Strong Choices For Disaster Recovery"

After years of complaints about the limited Disaster Recovery options in Firewall-1/VPN-1, Check Point recently rolled out many robust and useful tools for making reliable backups.  In this tutorial and demonstration, see them in action, including:

  • Policy Package Management
  • Database Revision Control
  • Upgrade_Export/Upgrade_Import
  • Backup/Restore
  • Snapshot/Revert

Presenter:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

On the CPUG discussion board, he is "BarryStiefel

 

___107:  Working with UTM-1 Edge clusters in Centrally Managed Environments
"Configuration, Maintenance, Real World Practice and VPN Networking with UTM-1 Edge Boxes."

An insightful view about the possibilities working with UTM-1 Edge boxes in large setups, including "Do's and Don'ts", common issues and how to troubleshoot them, even in HA-configurations.  This will be a strong overview about when to go for an UTM-1 Edge and when to consider another solution.

Presenter:  Danny Trommer, CCSA/CCSE/CCSE+/CPSC, Senior IT-Security Engineer and Chief Check Point technician at Electronic Service Center, in Halle (Saale), Germany.

On the CPUG discussion board, he is "dantro".

 

___108:  Check Point and Security Operations Management
"Check Point and Security Operations Management Showcasing SmartCenter, Eventia Analyzer and Tufin's SecureTrack products."

Presenter:  Robert Mitchell, CCSE+, owner and CEO of PureSecurity Pty Ltd, a Check Point focused Security Consultancy and MSP in Sydney, Australia.

On the CPUG discussion board, he is "Thorpuse".

___109:  Under-The-Hood With SecureClient

"What Not To Do With SecureClient"

Common mistakes, accidents and vulnerabilities that are potentially available through extending your security perimeter.  A little bit BlackHattish, and hopefully not too terrifying...

Presenter:  Robert Mitchell, CCSE+, owner and CEO of PureSecurity Pty Ltd, a Check Point focused Security Consultancy and MSP in Sydney, Australia.

On the CPUG discussion board, he is "Thorpuse".

___110:  How To Configure and Use DShield
___111:  Firewall-1 Order Of Operations
___112:  Connectra and Check Point’s SSL VPN solution – Up Close and Personal
___113:  All About Check Point Integrity
___114:  How To Manage Very Large Rulebases
___116:  How To Get The Most Out Of Check Point Logging
___117:  When Firewall-1/VPN-1 Isn’t Enough: Why And How To Upgrade to Provider-1
___118:  Special Topics For Large Configurations And High Traffic Loads
___119:  Current Topics With VoIP
___120:  Web Intelligence
___121:  Current Issues In SmartDefense
___122:  Upgrading Firewall-1/VPN-1

Group 2: Technical Presentations By OPSEC Partners:

Serious, technical, under-the-hood lectures and demonstrations geared towards end-users.  Not a sales or marketing presentation.

Please contact Barry Stiefel ("Stee-ful") at 1-415-543-5222 or bjstiefel <(at)> CPUG <(dot)> org to discuss the opportunities here.

___201:  Resilience and Integrated High Availability:  A Look Behind The Scenes
"Resilience and Integrated High Availability: A Look Behind The Scenes"

Every good theatrical production has a host of people behind the scenes working to make sure things go just right.  Resilience iHA appliances are no exception.  In this session we'll look behind the scenes of a Resilience iHA appliance and find the hard working components that make Resilience firewall appliances the best high availability solutions in the industry.

Presenter:  Lora Price, Resilience Corporation

Group 3: How To Deal With Your Work And Regulatory Environment:

___301:  How To Deal With Compliance Requirements:  SAS 70, Sarbanes-Oxley, PCI, HIPAA, Others
___302:  New Check Point Tools For Regulatory Compliance Reporting
 

Group 4: How To Deal With Check Point:

___401:  A Guided Tour Through The Check Point Price List
___402:  Everything You’ve Ever Wanted To Know About Check Point Licensing
___403:  A Behind-The-Scenes Look At Check Point Technical Support Services
___404:  Inside Check Point Software Training And Certifications
___406:  The New Check Point CCMA Certification And Training And Certification Q&A
___407:  Check Point Road Map

Group 5: We Help Each Other Out:

___501:  Community Discussion: Ask The Experts

"Ask-The-Experts Discussion Panel"

Sit down with a group of very experienced and knowledgeable experts and get your questions answered.

Presenter:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

On the CPUG discussion board, he is "BarryStiefel"

 

___502:  Community Discussion:  Challenges And Opportunities In Our IT Security Careers

"Improving Our Careers"

As a group, we'll discuss career paths and opportunities in the Check Point / Firewall / IT Security space.

Specifically, we'll look at questions like:

1.  How valuable are Check Point certifications?
2.  What other certifications or skills best complement being a Check Point specialist?
3.  How big is the risk of off-shoring, and what can we do individually to protect ourselves?
4.  How is this career going to change in the future, and how can we be ready for it?
5.  What works and what doesn't in terms of career advancement in this field?

Presenter:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

On the CPUG discussion board, he is "BarryStiefel"

 

___503:  Community Discussion:  Tell Us About Your Network

"Network Show-and-Tell"

1.  Which Check Point products are you using?  Which work?  Which don't?
2.  What else have you got going on in your network?
3.  What are the special issues you're facing now?
4.  What are your upgrade plans?

Presenter:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

On the CPUG discussion board, he is "BarryStiefel"

 

___504:  Community Discussions:  Birds Of A Feather

"Request-Generated Break-Out Groups"

We'll post a sign-up sheet for attendees to request specific break-out groups.  During this session we'll split up and meet with fellow attendees with the same interests and issues.

 

___505:  Community Discussion:  We Collaboratively Prepare Our List Of Requests For Features And Improvements

"Users Provide Feedback to Check Point"

This will be the final General Session of the conference.  As a group, we will collaboratively compile our list of how we'd like to see Check Point better meet the needs of its customers and end-users.  From product stability to technical support, from features to training and certification, here's our chance to present our wish list to Check Point in a unified voice.  At the end of the conference, CPUG will deliver the list to Check Point CEO Gil Schwed.

Presenter:  Barry Stiefel, CCSA/CCSE/CCSE+, President of CPUG and owner of Information Engine, Inc. in San Francisco

On the CPUG discussion board, he is "BarryStiefel"

 


Click Here To Register For CPUG CON 2008 EUROPE

CPUG®, InformationEngine®, and InformationEngine.com® are registered trademarks of Information Engine, Inc.