We help IT Professionals succeed at work.
Get Started

Automated way/script to add hundreds of IP to block in Checkpoint SG 12600

188 Views
Last Modified: 2020-01-09
I know an ex-colleague has a way at command line (script or whatever) to automate
adding of IP to block malicious IP for Nokia Checkpoint : that's years ago.

My current network colleague says it's very tedious to add IP as he has to create
object, then go into another screen to add it to a group & we often get 100-700
IP from threat Intel (from a cyber regulator):  is there a way to automate to mass
block it for CheckPoint  Security Gateway 12600??     Isn't there a way to get to
SG12600's Unix command prompt & write a script to automate?


For sure Linux iptables, we can do it easily by Shell script.

Heard Palo Alto has an interface to add IP en masse but my network guy says
CheckPoint (& possibly Fortigate) don't.
Comment
Watch Question
Senior CyberSecurity Engineer
CERTIFIED EXPERT
Commented:
This problem has been solved!
Unlock 3 Answers and 8 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE