This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Veeraselvam_man
Contributor
‎2018-10-21 06:46 AM

Security Audit Report Using Nipper tool

Currently I am using below configuration files to generate “Security Audit Report” using nipper tool:

  • objects.C
  • objects.C_41
  • objects_5_0.C
  • rules.C
  • rulebases.fws
  • rulebases_5_0.fws

is there any way to automate this using  API?

note: nipper is a third party tool for generate security audit reports for firewalls.

Regards

Veera

8 Replies
PhoneBoy
Admin
Admin
‎2018-10-21 10:10 PM

The information in these files is rules and objects, which of course could be obtained from the API.

You'd have to have something that calls the API in the right way and parse the resulting data.

Whether nipper is capable of doing that, I have no idea. 

Veeraselvam_man
Contributor
‎2018-10-22 01:36 AM
In response to PhoneBoy

Please suggest the API details to export those files, using that i will try to generate security audit report using the nipper tool.

0 Kudos
PhoneBoy
Admin
Admin
‎2018-10-22 05:51 AM
In response to Veeraselvam_man

There are too many API calls to list.

I recommend reviewing the API documentation to ensure you are getting the data you are most interested in: Check Point - Management API reference 

Either that or use the output of something like: Python tool for exporting/importing a policy package or parts of it

0 Kudos
Veeraselvam_man
Contributor
‎2018-11-15 09:22 PM
In response to PhoneBoy

Thank you Dameon Welch-Abernathy‌, I exported nipper dependency files using "run-script" and "show-task" API calls.

0 Kudos
Danny
Champion
Champion
‎2018-10-22 11:36 PM

As you can read on the Nipper Studio site "If you have any questions or need support when auditing any devices with our tool please get in touch: enquiries@titania.com". So you'd need to ask them. Personally I don't think they support recent Check Point version versions, such as R80.x Even in the past they just did very basic rulebase checking. For a real security audit report I recommend hiring Check Point professional services or a strong Check Point specialist.

On our community you could start by looking into these threads:

Check Point configuration mistakes - Top 10

https://community.checkpoint.com/message/8352-check-point-support-resources-top-10

Zoran_Filipac
Explorer
‎2019-01-13 12:10 AM

Veeraselvam,  could you give more detail on how  exactly you exported Nipper required files with "run script" and "show tasks"   API  commands ?   This could be useful for auditing with Nipper since officially they do not support R80.x. anymore.  Thanks. 

0 Kudos
Veeraselvam_man
Contributor
‎2019-01-13 01:47 AM
In response to Zoran_Filipac

Checkpoint provided option to execute Linux commands using "run script" API option, that API call will return a task id, using "show task" API call with task id, we can get the executed command output.

Using above commands i downloaded the required files.

Regards

Veera

0 Kudos
PhoneBoy
Admin
Admin
‎2019-01-13 07:50 AM
In response to Veeraselvam_man

Keep in mind those files are not considered the authoritative source of data in R80 and above.

There is also no guarantee those files will continue to exist in future versions.

Nipper should query our API directly to get the authoritative data.

If you just want to report on objects and data, see: https://community.checkpoint.com/docs/DOC-1974