This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ron_Izraeli
Employee
Employee
‎2019-03-06 12:35 AM

Show Gateways Interfaces Extension

An open-source HTML and JavaScript example for Check Point SmartConsole extension

Show interfaces in a dedicated tab under the gateway’s view. Currently, in order to see the topology of a gateway\cluster, one need to open the object editor and navigate to the topology tab.

This extension will show the topology of a gateway under the gateway’s view, and saves the need to open the editor.

CheckPointSW/smart-console-extensions · GitHub 

Getting Started

  1. Copy or clone Show Gateways Interfaces example to your web-service for hosting (should support SSL)
  2. Install extension by pasting URL to extension.json file (e.g. https://your-page-path.com/extension.json). See How to extend and enhance SmartConsole? 

Contributors

Moran Amar

Ari Heber

7 Replies
Danny
Champion Champion
Champion
‎2019-03-06 01:25 AM

I tested this extension yesterday and didn't find it much helpful because:

  • it only works starting from R80.30 EA
  • it only works for simple gateways, not clusters etc.
  • the JS example (showSimpleGatewayInterfaces.js) doesn't explain any of the JavaScript codes
  • the extension can't be hosted locally on the firewall management itself, it must be hosted on a separate webserver, that one has to harden, maintain, support and buy an SSL certificate for and everything
  • Check Point doesn't provide the web hosting for this extension itself
  • the announced Demo version is "Coming soon.." for about a month now

We are firewall admins, not DevOps. But I like the openess of Check Point and that it provides extension capabilities now. I wish there would be a Check Point service in this initial phase assiting end users to create useful SmartConsole extensions.

A long requested extension is a visual packet tracer to win PoCs against Cisco.

Ron_Izraeli
Employee
Employee
‎2019-03-06 02:42 AM

Thank you Danny for the feedback.

We do plan to provide a service/repository of useful SmartConsole extensions for customers to use.

Regarding to this example specifically, i agree it requires additional work. However since it is open-source, we can let community modify, enhance or rebuild it in a way it would suit you better.

0 Kudos
Tomer_Sole
Mentor
Mentor
‎2019-03-06 07:21 AM

  • the extension can't be hosted locally on the firewall management itself, it must be hosted on a separate webserver, that one has to harden, maintain, support and buy an SSL certificate for and everything

Regarding this. I believe that running a dedicated host for open-source security automation clients is a better practice than touching the Check Point machine. It is safer than shell scripts running with root access, does not share memory with the Check Point box, and allows changes of versions without fear of interfering the Check Point Security Management Server. Some of our customers already use dedicated servers to host their home-made self-service web portals that interact with the Security Management Server, allowing them to spend their limited time on other tasks. 

You can use the SSL Certificate that you got from Check Point when you enabled HTTPS Inspection. 

I believe that this is a nice example of showcasing how you can make custom panels with the context of the selected object. For example, you can use this code as basis to Security Policies bottom pane that shows a table of specific fields for the selected rule. Making Extensions for bottom panes of Security Policies is supported with R80.20.

0 Kudos
Tomer_Sole
Mentor
Mentor
‎2019-03-06 07:25 AM

Danny Jung wrote:

I wish there would be a Check Point service in this initial phase assiting end users to create useful SmartConsole extensions.

A long requested extension is a visual packet tracer to win PoCs against Cisco.

how about using the src: dst: filter in the search box of the logs panel?

0 Kudos
Vladimir
Champion
Champion
‎2019-03-06 09:18 AM

Not quite the same as seeing it:

What we are talking about is a combination of pinj with visualization of the packet processing by CP components with feedback on success and failures.

Danny
Champion Champion
Champion
‎2019-03-06 11:21 AM

Exactly.

Chinmaya_Naik
Advisor
‎2019-08-01 11:47 PM
In response to Danny

Hi Team,

"show gateway interface" extension is working fine but Please help me how to use the "connectivity check" extension.

@Chinmaya_Naik 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top