Operational efficiency has been a key target with R80 and R80.10 SmartConsole. 1. Create or edit a network object anywhere within SmartConsole. 2. Go to a rule where you wish to place the new object. Click the "plus" sign to select the relevant objects. 3. Your last modified objects show up at the top of the picker. After you… Show more
Hi Mates, It is possible to change the expert password for many FW at the same time? We have many FW managed for a Server Magament R 77.30 and we need to change the expert password for about 30 FW 1430. Thanks
Hello, all! I am trying to understand how to use logs in Smartconsole. Simple situation - i want to find all records regarding Facebook.com. I go to logs tab, use Facebook keyword in search tab and get result - some records with "Facebook" in "Appliction" tab. However, if i use not popular site - www.cmd.com for example, i can't find any result… Show more
Hi, I am told that the smb line is not FIPS 140-2 compliant. Is there a timeline for when the smaller appliances like 1400 and 700 series will be compliant with FIPS 140-2? We are losing small municipalities because they just buy the smallest appliance that fits their compliance mandate and right now it is the 3100 for Check Point. Palo Alto… Show more
I've got a list of Snort rules issued to us by a County Government consortium every week or so and no matter what I do, the SnortConvertor won't import them. "0/1316 rules were successfully converted, total of 0 IPS protections were found. For more details please see $FWDIR/log/SnortConvertor.elg file. The configuration is up to date, therefore… Show more
Are all of the rules specified as eitherbound direction (i.e. <>)? At least of the examples you gave, they were all this way, and the documentation only speaks to one direction. I'd try changing the rules to one direction or the other That said, if these signatures are just to block access to specific IPs, there are better ways to do that…
Hi, I'm trying to block users on my network from using facebook gameroom. I have the 730 firewall. After failing a few time I noticed that the gameroom windows application is just a wrapper for a browser that runs flash games from facebook.com this makes things problematic as the only way I find at the moment to block facebook gameroom is to… Show more
what is the reason for happen this ? ;[cpu_2];[fw4_1];fw_log_drop_ex: Packet proto=6 x.x.x.x:30730 -> 10.2.200.50:80 dropped by fw_first_packet_state_checks Reason: First packet isn't SYN; ;[cpu_1];[fw4_2];fw_log_drop_ex: Packet proto=6 x.x.x.x:30731 -> 10.2.200.50:80 dropped by fw_first_packet_state_checks Reason: First packet isn't SYN;… Show more
I write a Wireshark profile to help you with reading `fw monitor` files. I wrote a Dutch description on Wireshark Profiles and I guess the screenshots will be sufficient help to get you started for those not savvy in Dutch ;-) The Short English Version: Create a Dummy personal profile (Name it whatever you like) In WireShark, Goto Help =>… Show more
In R77.30 and earlier IPS packet capture was stored on the gateways as .pcap files and we could retrieve them using "fwm getpcap" over SSH. In R80+, IPS has been moved to Threat Prevention and it seems that packet capture is now being stored as .EML files. Looking at the logs from "fw log", the "packet_capture_unique_id" is now a name, where on… Show more
Hi All, Not sure if this been asked before. How can i view NAT information in R80.10 Log and Monitor section? Is it only applicable to Smart View Tracker which is hidden inside smart console folder? If yes, what about those security gateway in the public or private cloud such as VSEC? how can i view the NAT information? Thank you.
Hi! We have a certain group of destination addresses. We need to calculate the total number of connections for this group for a certain period of time. How can we do this at R80.10 in SmartConsole as well as from cli? It is necessary exactly the number of connections, not events. Thank you!
With SmartLog in R80 how can I search for 'Address Spoofing' logs? Which field should I select? With SmartView Tracker I could add a filter on Information column but with SmartLog I can't do the same.
Load more items
Hi All, I was successful in adding host object using REST API 'create-host' call however, it allows me to add only one object at a time, does anyone know a method of adding bulk import of objects at the same time. Please let me know Thanks, Chandru Saravanan
Via the CLI, you can do it via a single command using a CSV file. However, this ultimately calls the REST API multiple times, one for each line. Either way, the objects don't become active until you publish the changes (another API call). What's the use case for creating multiple objects using a single API call?