<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Generate list of OPSEC objects which are configured in the firewall mgmt domain in API / CLI Discussion</title>
    <link>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76512#M4456</link>
    <description>There isn’t API support for OPSEC objects, as I recall correctly.&lt;BR /&gt;Which means you’ll have to reverse engineer the generic-object type for these objects.&lt;BR /&gt;</description>
    <pubDate>Thu, 27 Feb 2020 04:31:26 GMT</pubDate>
    <dc:creator>PhoneBoy</dc:creator>
    <dc:date>2020-02-27T04:31:26Z</dc:date>
    <item>
      <title>Generate list of OPSEC objects which are configured in the firewall mgmt domain</title>
      <link>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76510#M4454</link>
      <description>&lt;P&gt;I'm using an MDS which has about 40 domains for customers.&lt;/P&gt;&lt;P&gt;Each domain has OPSEC configured for a different purpose. I would like to generate a list of the OPSEC configured for each domain. Instead of logging in to each domain one by one, is there a way to do so?&lt;/P&gt;</description>
      <pubDate>Thu, 27 Feb 2020 03:59:55 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76510#M4454</guid>
      <dc:creator>LowJ</dc:creator>
      <dc:date>2020-02-27T03:59:55Z</dc:date>
    </item>
    <item>
      <title>Re: Generate list of OPSEC objects which are configured in the firewall mgmt domain</title>
      <link>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76512#M4456</link>
      <description>There isn’t API support for OPSEC objects, as I recall correctly.&lt;BR /&gt;Which means you’ll have to reverse engineer the generic-object type for these objects.&lt;BR /&gt;</description>
      <pubDate>Thu, 27 Feb 2020 04:31:26 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76512#M4456</guid>
      <dc:creator>PhoneBoy</dc:creator>
      <dc:date>2020-02-27T04:31:26Z</dc:date>
    </item>
    <item>
      <title>Re: Generate list of OPSEC objects which are configured in the firewall mgmt domain</title>
      <link>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76513#M4457</link>
      <description>Does this mean the best we can do is generate the object list and from there filter out which ones are for OPSEC?</description>
      <pubDate>Thu, 27 Feb 2020 05:06:55 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76513#M4457</guid>
      <dc:creator>LowJ</dc:creator>
      <dc:date>2020-02-27T05:06:55Z</dc:date>
    </item>
    <item>
      <title>Re: Generate list of OPSEC objects which are configured in the firewall mgmt domain</title>
      <link>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76537#M4460</link>
      <description>&lt;P&gt;You can use show-opsec-applications to get the UIDs and then show-opsec-application to get the details you want.&lt;/P&gt;&lt;P&gt;I tweaked a script I use for crawling our domains for various other purposes to fit your requirement.&lt;/P&gt;&lt;P&gt;(The API User needs access to all domains.)&lt;/P&gt;&lt;P&gt;&lt;EM&gt;This is a read-only script, but please never run any scripts without understanding their purpose and what they do.&lt;/EM&gt;&lt;/P&gt;&lt;LI-CODE lang="javascript"&gt;Param(
  #  [PSCredential]$CheckpointCredential,
    [string]$BaseUri = "https://10.10.10.10/web_api",   # Set your MDS IP
    [string]$domain = "MDS",                            # Set your main Multidomain Name
    [string]$user = "s_apiuser",
    [string]$password = "apipassword",                  # Placeholder; supply at run time rather than saving a real password here
    [string]$debug = "off"
)

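# Ignore SSL: this turns off certificate validation for every HTTPS request in this session.
# Keep it to lab use; otherwise trust the management server's certificate and remove the next line.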
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

# Login and save headers #
$loginData = @{
    "user" = $user
    "password" = $password
    "domain" = $domain
} | ConvertTo-Json

Write-Output "Invoking Login"
$login = Invoke-RestMethod -Method Post -Uri "$BaseUri/login" -Body $loginData -Headers @{ "content-type" = "application/json" }

$headers = @{
    "content-type" = "application/json"
    "x-chkp-sid" = $login.sid
}

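$domains = Invoke-RestMethod -Method Post -Uri "$BaseUri/show-domains" -Body "{}" -Headers $headers

# Close the MDS-level session now that the domain list is fetched; each domain gets its own login below
$null = Invoke-RestMethod -Method Post -Uri "$BaseUri/logout" -Body "{}" -Headers $headers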


  foreach ($d in $domains.objects.name) {
      $loginData = @{
      "user" = $user
      "password" = $password
      "domain" = $d
      } | ConvertTo-Json

      if ($debug -eq "on") { Write-Output "Login to $($d) domain" }
      $login = Invoke-RestMethod -Method Post -Uri "$BaseUri/login" -Body $loginData -Headers @{ "content-type" = "application/json" }
      $headers = @{
      "content-type" = "application/json"
      "x-chkp-sid" = $login.sid
      } 
      if ($debug -eq "on") { Write-Output "Login complete" }

      $opsecobj = Invoke-RestMethod -Method Post -Uri "$BaseUri/show-opsec-applications" -Body "{}" -Headers $headers
      # -gt 0 so that a domain with exactly one OPSEC object is listed too
      if ($opsecobj.objects.count -gt 0) {
      foreach ($o in $opsecobj.objects) {
        $name = $o.name
        write-output "$($d): Found OPSec Object: $($name)"
        $opsecuid = $o.uid
        $body = @{
            "uid" = $opsecuid
            } | ConvertTo-Json
        
        ## Get the OPSEC Values you want by tweaking this section. 
        $opsec = Invoke-RestMethod -Method Post -Uri "$BaseUri/show-opsec-application" -Body $body -Headers $headers
        Write-Output "Random opsec value for $($opsec.name) (Lea enabled): $($opsec.lea.enabled)"
        ## 
        
        }
       }
      else { 
        Write-Output "Didnt find any opsec objects in domain $($d)" 
        }

      $null = Invoke-RestMethod -Method Post -Uri "$BaseUri/logout" -Body "{}" -Headers $headers 
      }&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Thu, 27 Feb 2020 09:41:44 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76537#M4460</guid>
      <dc:creator>Sigbjorn</dc:creator>
      <dc:date>2020-02-27T09:41:44Z</dc:date>
    </item>
    <item>
      <title>Re: Generate list of OPSEC objects which are configured in the firewall mgmt domain</title>
      <link>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76634#M4480</link>
      <description>Thanks. Let me try it in a test environment.</description>
      <pubDate>Fri, 28 Feb 2020 01:53:36 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/API-CLI-Discussion/Generate-list-of-OPSEC-object-which-configured-in-the-firewall/m-p/76634#M4480</guid>
      <dc:creator>LowJ</dc:creator>
      <dc:date>2020-02-28T01:53:36Z</dc:date>
    </item>
  </channel>
</rss>

