Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Checkpoints !

Posted on 2013-01-20
9
Medium Priority
?
340 Views
Last Modified: 2013-05-30
Hello,

We have Checkpoint firewalls at branch offices which would be integrated to a Checkpoint Smart-center at the central HO.

I understand (although not sure) if its possible for us to edit / change the configurations for multiple of branch site firewalls at same time ? Does Smart-center permit such or is it the case that only one person can login to make changes to one given box ?

Thx in advance.




Regards,
AM.
0
Comment
Question by:rush2amol
6 Comments
 
LVL 18

Accepted Solution

by:
deimark earned 672 total points
ID: 38799307
A single smartcentre can manage multiple firewalls and when we push the changes, it can go to more than one firewall at a time.

We can limit what firewalls users can modify through the user roles and permissions section, but in essence, the answer is yes.
0
 
LVL 10

Assisted Solution

by:ujitnos
ujitnos earned 664 total points
ID: 38799803
At a given point of time, only one admin with read/write access can do changes in a SmartCenter Dashboard. If a second read/write admin tries to login, he/she will get a message saying that another admin is logged in, and he will have an option to login as a Read-Only user.
0
 

Author Comment

by:rush2amol
ID: 38800451
Hi Deimark, If I understand you correctly multiple admins can perfrom read/write in the smartcenter ? Can you pl. help in how we can do that ?
0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

 

Author Comment

by:rush2amol
ID: 38800893
In addition to above can you gentlemen help me with following ? We are basically in mid of a migration and some things are really hurting us.

We are migrating from one Smart-center (under administration of different vendor) to another Smart-center (under our own administration). Is there a way like Cisco ASA that i can download the running configuration from one box using TFTP or FTP and upload it to another box ?

To my limited understanding of Checkpoint, i am not sure if above is possible, so that is why we have opted for a manual process where we are capturing a dump and re-writing the rules in the new Smart-center and to our misery this is increasing the opportunity to errors and lot of pains in the whole migration approach.

Your response would be highly appreciated. Thx in advance.




Regards,
AM.
0
 
LVL 12

Assisted Solution

by:Fidelius
Fidelius earned 664 total points
ID: 38805792
Hello,

Yes you can. SSH to management server, enter expert mode, and go to:
cd $FWDIR/bin/upgrade_tools/

Exit all SmartConsole GUI, and issue cpstop

Depending on version you have two options:
prior to R75.40
- use for export on old server:
./upgrade_export
- for import on new server:
./upgrade_import

Similar, for R75.40 and later:
./migrate export
./migrate import

Regards!
0
 

Author Comment

by:rush2amol
ID: 38812216
Ok great .. shall try this out.

Would it be ok if i can contact you via mail ? If i have any questions around this i would list them out and sent it across or perhaps have a IM chat.

*** email address removed - Qlemo ***

Thx in advance.
0

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question