Checkpoint 156-315.81 Exam With Confidence Using Practice Dumps

NAT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are enabled by default and work only if Accept Templates are enabled1. According to the web search results, NAT Templates are a feature of SecureXL that accelerates the performance of the Security Gateway by offloading CPU-intensive operations to the SecureXL device2. NAT Templates are supported for Static NAT and Hide NAT using the existing SecureXL Templates mechanism1. NAT Templates are disabled by default on Check Point Security Gateway R80.10 and below, but they are not relevant to SecureXL in versions R80.20 and above, as all template handling has moved to the Firewall1. NAT Templates can be enabled or disabled by setting the relevant kernel parameters in $FWDIR/boot/modules/fwkern.conf file1.

References: SecureXL NAT Templates in R80.20 and lower - Check Point Software, SecureXL - Check Point Software

To simplify security administration when working with multiple Security Gateways enforcing an extensive number of rules, you would choose to create a separate Security Policy package for each remote Security Gateway. A Security Policy package is a set of rules and objects that can be assigned to one or more Security Gateways. This allows you to manage different policies for different gateways from the same Management Server1. The other options are either not effective or not feasible for simplifying security administration. References: Check Point R81 Security Management Administration Guide

You can switch the active log file by running fw logswitch on the Management Server1. This command closes the current log file and creates a new one2. It is useful for archiving or backing up log files, or for creating a new log file for a specific time period2. You can also schedule the log switch to occur automatically at a regular interval, such as daily, weekly, or monthly2. To run this command, you need to access the Management Server in expert mode and run fw logswitch1. You can also use the SmartView Tracker to switch the active log file from the GUI. To do this, go to the Network & Endpoint tab, click on the File menu, and select Switch Active File…3.

References: How to switch the active log file - Check Point Software, fw logswitch - Check Point Software, Troubleshooting Check Point logging issues when Security Management Server / Log Server is not receiving logs from Security Gateway - Check Point Software