Improve company productivity with a Business Account.Sign Up

x
?
Solved

Checkpoints !

Posted on 2013-01-20
9
Medium Priority
?
352 Views
Last Modified: 2013-05-30
Hello,

We have Checkpoint firewalls at branch offices which would be integrated to a Checkpoint Smart-center at the central HO.

I understand (although not sure) if its possible for us to edit / change the configurations for multiple of branch site firewalls at same time ? Does Smart-center permit such or is it the case that only one person can login to make changes to one given box ?

Thx in advance.




Regards,
AM.
0
Comment
Question by:rush2amol
6 Comments
 
LVL 18

Accepted Solution

by:
deimark earned 672 total points
ID: 38799307
A single smartcentre can manage multiple firewalls and when we push the changes, it can go to more than one firewall at a time.

We can limit what firewalls users can modify through the user roles and permissions section, but in essence, the answer is yes.
0
 
LVL 10

Assisted Solution

by:ujitnos
ujitnos earned 664 total points
ID: 38799803
At a given point of time, only one admin with read/write access can do changes in a SmartCenter Dashboard. If a second read/write admin tries to login, he/she will get a message saying that another admin is logged in, and he will have an option to login as a Read-Only user.
0
 

Author Comment

by:rush2amol
ID: 38800451
Hi Deimark, If I understand you correctly multiple admins can perfrom read/write in the smartcenter ? Can you pl. help in how we can do that ?
0
Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

 

Author Comment

by:rush2amol
ID: 38800893
In addition to above can you gentlemen help me with following ? We are basically in mid of a migration and some things are really hurting us.

We are migrating from one Smart-center (under administration of different vendor) to another Smart-center (under our own administration). Is there a way like Cisco ASA that i can download the running configuration from one box using TFTP or FTP and upload it to another box ?

To my limited understanding of Checkpoint, i am not sure if above is possible, so that is why we have opted for a manual process where we are capturing a dump and re-writing the rules in the new Smart-center and to our misery this is increasing the opportunity to errors and lot of pains in the whole migration approach.

Your response would be highly appreciated. Thx in advance.




Regards,
AM.
0
 
LVL 12

Assisted Solution

by:Fidelius
Fidelius earned 664 total points
ID: 38805792
Hello,

Yes you can. SSH to management server, enter expert mode, and go to:
cd $FWDIR/bin/upgrade_tools/

Exit all SmartConsole GUI, and issue cpstop

Depending on version you have two options:
prior to R75.40
- use for export on old server:
./upgrade_export
- for import on new server:
./upgrade_import

Similar, for R75.40 and later:
./migrate export
./migrate import

Regards!
0
 

Author Comment

by:rush2amol
ID: 38812216
Ok great .. shall try this out.

Would it be ok if i can contact you via mail ? If i have any questions around this i would list them out and sent it across or perhaps have a IM chat.

*** email address removed - Qlemo ***

Thx in advance.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Each password manager has its own problems in dealing with certain websites and their login methods. In Part 1, I review the Top 5 Password Managers that I've found to be the best. In Part 2 we'll look at which ones co-exist together and why it'…
In computing, Vulnerability assessment and penetration testing are used to assess systems in light of the organization's security posture, but they have different purposes.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question