This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Haim_Gabay
Explorer
‎2021-06-08 09:10 PM

Manage quantum 700 and 1500 series using API

Hello community team,

I am looking to manage the Quantum 700 and 1500 series using REST API directly with the box from my proprietary management server, my understanding that you need to manage the box by R80/R81 and perform all the calls through the R80/R81 api server.

Can the Quantum 700 and 1500 be managed by R80/R81?

Is it possible to perform calls directly with the box or I must do it through the api server, if so, can the api server installed in the cloud while the Quantum box is on-prem, assuming that we solve the access from the api server to the on-prem Quantum box.

Any insights on the above is appreciated

Thanks

0 Kudos
3 Replies
_Val_
Admin
Admin
‎2021-06-09 02:44 AM

Yes, you can manage SMB appliances from a SmartCenter or even an MDS.

0 Kudos
Haim_Gabay
Explorer
‎2021-06-09 06:36 AM
In response to _Val_

Thank you for the quick response, is it possible to write API calls from my software program directly to the 700 and 1500 gateways without having MDS or SmartCenter installed? I am trying to understand if it is a MUST to have SmartCenter/MDS.

0 Kudos
PhoneBoy
Admin
Admin
‎2021-06-09 07:28 AM

The answer is…a bit complicated.

700s are, by design, not manageable with traditional Check Point management.
They were sold as SMB appliances with this capability explicitly removed.
Their 1400 equivalents can be managed by traditional Check Point management as can the newer 1500/1800/1900 series.

Regular Check Point management has REST APIs, of course, but the actual SMB gateway object must be created manually in SmartConsole (ie that does not have REST API support yet).
This support is limited to Access and Threat Prevention policy, not actual device management (e.g. interfaces, routing).

As for accessing a REST API on the device itself, the 700 does not offer this and there are no plans to add one there.
We recently added support for a REST API on the 1500 (in R80.20.25 firmware), though I can’t immediately find the relevant documentation.
I assume it will be similar to what is noted in the release notes: limited to clish commands.
Which would imply some ability to manage the device/access policy/threat prevention using this.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events