|
|
|
|
It has been reported in a few places that the R75 CCSA and CCSE exams should be available now. I went out to Pearson VUE’s page this morning to verify, and both of the exams are currently available.
There is also a practice exam for the R75 CCSA available from Check Point’s site. No practice exam for the R75 CCSE as of yet.
Update: I just installed the SmartConsole tools for R75.40 and they take up a whopping 663MB of space. Over half a Gig for the SmartConsole Tools? Wow.
The crowd at IANS was also a little different. Normally when I present for Tufin (in-person or web conference) I am usually speaking with more technical groups and their managers. The initial interest tends to come from operations and engineering teams. At IANS, the groups were more GRC focused. These are the people that need visibility into the access control layers, but rarely have it in a format that best supports their initiatives. Their access is usually limited to certain policies and time frames determined by the operations/engineering teams. Products like Tufin give GRC groups near real-time/read-only access into the firewall policies and allow them to look for items of interest like:
This was the second year for the Minneapolis IANS show, and it was well attended. Most of my four sessions were full, and there was some great interactive discussions. I would say about half of the attendees were existing customers wanting to get a look at the new R12 release. Most of the people that stopped by our room were from well recognized enterprise organizations (retailers, banks, healthcare, carriers) which gives a good indication of the type of crowd IANS tends to draw. There seems to be something about Minneapolis security conferences in that they are usually well attended: this show easily surpassed the one in Chicago. One other thing I will mention, is that Marcus Ranum was in one of my sessions. A bit of a shift to have a headline speaker show up for a vendor presentation (completely unexpected and maybe one of the benefits of the IANS show: more speaker interaction). The guy is one of the early pioneers for firewall technologies (DEC/Alta Vista firewall) and IDS/IPS (Network Flight Recorder). Made for some interesting conversation. The next conference I will be presenting at will be the Secure360 event in May 2012. We tend to do some pretty serious dining, so stop by the booth and say “Hi.” I was hoping to meet a few of you at CPX this year. Since I am no longer at Check Point there was actually a chance that I would be able to attend. In the past the whole Tufin US Sales team would be in attendance. A somewhat last minute change was made, and now it looks as though I am not part of the group. Oh well maybe next year…
I passed the Tufin Certified Security Expert (TCSE) exam a few weeks ago. If I remember correctly, the exam was 50 questions in 60 minutes. It is given online at no cost (although you do need to register), and you can use whatever materials you might need to help pass the exam. Some of the questions are very tough, so it is pretty much expected to have completed the training, and have worked with the product. The current version of the exam focuses on the SecureTrack product exclusively. If you are going to attempt the exam, I would recommend having the following items as part of your setup:
Network Security Management tools are becoming more common in the workplace as firewall policies and router/switch ACLs continue to increase in size and complexity. Adding the TCSE to your resume might be a great way to demonstrate to an employer that you are staying current with the tools and methodologies used for security policy lifecycle management. If you work for a reseller or are a consultant, the TCSE is a great plus for developing a closer relationship with Tufin.
Looks like Check Point has finally released some R75 training materials. Looks like they will also address some of the Software Blades as well. As of today however, they do not have any R75 exams (as seen from the Pearson Vue portal below):  Click for larger image
The “Self-Study” portal has not been updated with any R75 material, so we will have to wait to see if check Point will still continue with that practice (the material was actually pretty good, especially the practice exams). Looks like they have a free training video on the Application Control Blade. Unfortunately it does not come with any lab material. One can only hope that Check Point will seriously consider updating the CCMA exam, as that material was painfully outdated. I took the written exam in April of 2011 and was disappointing to see so many in-depth questions on SmartDefense, Connectra, and (wait for it…wait for it) Interspect!!?? Seriously Check Point you owe me $300USD or at least a free testing voucher if you release a new test. This is a quick video on a tool tucked into the Provider-1/MDM MDG. It allows you to export all of the objects from the ‘Network Objects’ view in the MDG, and then view them in Excel.
Tufin Software is releasing their latest version 6.0 today. If you have not seen this tool in a while, you will be impressed with all of the enhancements. SecureTrack has become a “must have” for anyone managing a medium large firewall environment, or an environment with multiple vendors. It supports Check Point, Cisco (ASA/PIX and IOS), Junos (network gear and firewalls), Fortinet, Palo Alto, Blue Coat, f5 and iptables. Several key enhancements in this new version include: Visual Topology (think of SmartMap for all of your Check Point and non-Check Point firewalls and ACLs).  Tufin 6.0 Topology
High Availability Palo Alto support for User-ID and App-ID CIS Benchmark Audits (very very cool stuff for Cisco IOS)
From the Release Notes:
What’s New in R71.40Upgrade from R70.40 directly to R71.40 Security Management
Security Gateway
Security Gateway 80
Windows 7 32-bit and 64-bit Support
Enhanced Secure Workspace
VPN Client This version includes a deployment package of Endpoint Security VPN R75, which replaces SecureClient and Endpoint Connect. For automatic deployment of the new VPN client, select a client upgrade mode in Global Properties > Remote Access > Endpoint Connect. Some interesting new enhancements (from the notes): Security Management
New Remote Access Client Support
Security Gateway
Security Gateway 80 Series
Windows 7 32-bit and 64-bit Support
Enhanced Secure Workspace
VPN Client
Another temporary “dead-end” release. This means that there are now two releases (R71.30 and R71.40) that cannot be upgraded directly to R75. Also interesting that you can upgrade from R70.40 to R71.40, so you now have two options to move off R70.40: R71.20 and R71.40. I am running out of room on the Roadmap and Upgrade Path diagrams, so I have to see how I can fit this new information. |
|
|
Copyright © 2012 fireverse.org - All Rights Reserved Powered by WordPress & Atahualpa |
|
Recent Comments