R77.30 still king, most common issues identified by Indeni

Hi everyone,


As you may have noticed, we've recently begun exposing Insight V2 in these forums. Insight gives us a lot of non-confidential data about customers' environments, to help build better knowledge for us all.


Looking at our data for Check Point devices we've learned a few interesting things:

  • R77.30 is still king. It was released in May 2015, and over 80% of Check Point devices Indeni is connected to are running this version. We are starting to see migrations to R80.10 (released May 2017), currently slightly less than 10% of all devices.
  • The most common class of issues found by Indeni pertains to consistency of configuration across cluster members. One of these, different static routing tables, has been a common issue we've identified in Check Point environments for many years now. Good to see old habits die hard.
  • Interestingly, 10.7% of Check Point devices we're connected to have reported failed attempts to log into the device via SSH. This is concerning, as it may mean that too many people have their firewalls' SSH port open to the public Internet.


Interested in anything specific? Let us know in the comments below!


Thanks for sharing, Yoni! I'm curious whether we can tell which of the 10.7% of Check Point devices that had failed attempts to log into the device via SSH were possible brute-force attacks, and where they originated from?

Cool things! What is the oldest version monitored by Indeni?