Maysam
Explorer

Impact of adding a bunch (8000) of IP addresses using Management API Reference

Hello,

I am using the CLI to bulk add objects to my fw security policy. These are objects with individual IP addresses which I need to block.

I am adding several thousand at this point and am concerned about the potential impact of this on the performance of the firewall.

How can I measure this impact and how can I determine where the limits of this are?

Check Point - Management API reference

Thank you

Maysam

0 Kudos
1 Reply
Duane_Toler
Advisor

I would suggest instead that you use a Generic Data Center object with a local JSON file for this.  It's a one-time object to create, then each time you need to update it, you instead update the JSON file directly and the contents will auto-refresh based on the interval you set when the Generic Data Center is created.  A single Generic Data Center JSON range can contain up to 30,000 IP and CIDR entries.

You can use any method you want to create the initial Generic Data Center file initially.  You will need to create a one-time UUID, tho, and you can use the command "uuidgen" to do that.

[Expert@cpmgmt01:0]# uuidgen
dd304ef4-279f-4a3c-ba70-10d6cbc62fc4

 

Check out sk167210 for more info on Generic Data Centers:

https://support.checkpoint.com/results/sk/sk167210

Documentation for R81.20:

https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SecurityManagement_AdminGuid...

After you create everything, be sure to use the object in a rule and install policy.  You don't need to do policy installs to update it again; it is automatically refreshed and pushed to the gateway(s) on the refresh interval.  Don't set the interval *too* low, nor too high.  30 minutes is probably as low as you want to go.

 

--
Ansible for Check Point APIs series: https://www.youtube.com/@EdgeCaseScenario and Substack
0 Kudos
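One way to generate the Generic Data Center file from a block list, as an added example that is not part of the reply above or of Check Point's documentation. The JSON field names (`version`, `objects`, `name`, `id`, `ranges`) are an assumption about the layout described in sk167210 and should be confirmed there; `object_id` is the one-time `uuidgen` value, reused on every update.

```python
import ipaddress
import json
import os
import tempfile

MAX_ENTRIES = 30000  # per-object limit quoted in the reply above
# Constructed sample input: a duplicate, a CIDR with host bits set, and junk.
SAMPLE = ["192.0.2.10", "198.51.100.7/24  # scanner", "192.0.2.10",
          "not-an-ip", "", "2001:db8::1"]


def normalize(entries):
    """Validate and de-duplicate IP/CIDR strings, keeping first-seen order."""
    seen, good, bad = set(), [], []
    for raw in entries:
        text = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not text:
            continue
        try:
            if "/" in text:  # strict=False rounds 198.51.100.7/24 down to .0/24
                value = str(ipaddress.ip_network(text, strict=False))
            else:
                value = str(ipaddress.ip_address(text))
        except ValueError:
            bad.append(text)  # report rather than publish a malformed entry
            continue
        if value not in seen:
            seen.add(value)
            good.append(value)
    return good, bad


def build_feed(name, object_id, entries):
    """Build the feed document; refuse to exceed the per-object limit."""
    ranges, bad = normalize(entries)
    if len(ranges) > MAX_ENTRIES:
        raise ValueError(f"{len(ranges)} entries exceeds {MAX_ENTRIES}")
    # Assumed layout (version/objects/name/id/ranges); confirm against sk167210.
    obj = {"name": name, "id": object_id, "description": "", "ranges": ranges}
    return {"version": "1.0", "description": "Block list", "objects": [obj]}, bad


def write_atomic(path, doc):
    """Write to a temp file, then rename, so a reader never sees a partial file."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as fh:
        json.dump(doc, fh, indent=2)
    os.replace(tmp, path)
```

Rejected entries come back in the second return value so they can be logged instead of silently dropped from the block list.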
