This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ihenock1011
Collaborator
‎2024-04-22 11:30 AM

cli command to install policy

Hi Mates,

We have a Check Point R81.10 Security Gateway and Smart Management Server (SMS) functionality. I can successfully import multiple objects using the CLI command sk113078.  However, I'm looking for the syntax to install a security policy on individual VSX (Virtual Security Appliance) members within the VSX cluster.

Thanks

0 Kudos
7 Replies
the_rock
Legend
Legend
‎2024-04-22 11:50 AM

Not sure if its doable, as I only see option for regular gateways.

Andy

 

https://sc1.checkpoint.com/documents/latest/APIs/#cli/install-policy~v1.9.1%20

0 Kudos
PhoneBoy
Admin
Admin
‎2024-04-22 11:56 AM
In response to the_rock

This endpoint should also apply for VSes as well.
What isn't in the API for VSes are the VSes themselves.
Of course, VS objects are dead once you move to VSnext 😉

0 Kudos
Vincent_Bacher
Advisor
Advisor
‎2024-04-23 01:21 AM
In response to PhoneBoy

@PhoneBoy wrote:

This endpoint should also apply for VSes as well.

Yes. As the policy package name is the only required argument for this API command, it's installed on the policy target defined in the policy package and each policy (rule) if defined, no matter if it's a legacy device or vs. 
At least that's how I understand the API

@PhoneBoy wrote:

Of course, VS objects are dead once you move to VSnext 😉

Huh? What do you mean? 

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
_Val_
Admin
Admin
‎2024-04-23 02:37 AM
In response to Vincent_Bacher

@Vincent_Bacher , in his second note, Dameon is referring to the new virtualization solution for security gateways, VSNext, which is coming to replace VSX (or, more correctly, coexist with the classic VSX for a while) in R82.

VSNext uses a completely different provisioning and management framework, bringing the use of APIs for a virtual GW to the same level as for a physical one, and even adding more capabilities.

For more details, you can refer to one of the CPX sessions for the matter: https://community.checkpoint.com/t5/Member-Exclusive-Content/R82-ElasticXL-and-VSNext-Generation-Und...

0 Kudos
Vincent_Bacher
Advisor
Advisor
‎2024-04-23 02:46 AM
In response to _Val_

@Val yes i know, thanks. I maybe just misunderstood "VS objects are dead"

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
_Val_
Admin
Admin
‎2024-04-23 02:54 AM
In response to Vincent_Bacher

while @PhoneBoy is still sleeping, I can assume, he meant VSX has no future.

0 Kudos
PhoneBoy
Admin
Admin
‎2024-04-23 07:29 AM
In response to Vincent_Bacher

A VS is represented as a regular gateway object in VSnext.
Thus my "VS objects are dead" comment 🙂

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events