Create a Post
Showing results for 
Search instead for 
Did you mean: 

Security CheckUp generator for R80.x

If you work for a partner and you are running out of time, or you just do not want to prepare Security CheckUp machine manually, you can use script I prepared for these purposes. Script is based on Security CheckUp Guide. It has been tested on R80.10 VM running in ESX, but you can also use appliance which has enough resources to be in standalone mode. Script asking few questions on the beginning like what is your mgmt port, SPAN port, IP of mgmt, mask, route. After confirmation first time wizard starting and once done, help script rebooting the gateway. After reboot API status is checked and once done, configuration via API starting. There are activated common blades (FW,APP&URL,IPS,AV,Abot,TE,SmartEvent), unified policy is created, new TP profile with appropriate settings (in current version only fail mode for TP is missing and has to be done via GUI, I have not found appropriate db table where this can be modified, will be added later), IPS update, enabling indexing and smart event blade. At the end policy is pushed and gw reloaded. There is one small issue, check github issue. In case of any failure, please create issue on github, will try to repare it asap.

GitHub - 0dadj1an/r80.10POCgenerator: scripts related to Sec Checkup POC for NGFW 

0 Replies