This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Daniel_
Advisor
‎2025-04-03 04:55 AM

check_point.gaia config ssl tls not available

In clish we can set tlsv1.3 with

set ssl tls TLSv1.3 on

With ansible or nativ API this is not possible.

Have I overlooked this in the documentation or is there no API-first strategy in Check Point?
And check_point.gaia.cp_gaia_run_script is not API-first....

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2025-04-03 09:21 AM

You are correct that the only way to do this currently is via run-script.
Hopefully this is something we will address in a future release.

API-first implies that the product was designed from the ground up with the relevant APIs.
The Check Point security gateway product (called FireWall-1 in 1993) predates REST APIs themselves (which were only a concept back in 2000).
We have our own APIs (OPSEC) that date back to the mid-1990, some of which are still in use today.

For new features, we definitely try to be API-first, of course (using REST).
Existing features either have to have REST APIs implemented for them (which we are continuing to do in every release) and/or be re-implemented in a REST API friendly way.
This was at least part of the motivation for VSnext (replacement for VSX) and ElasticXL (replacement for ClusterXL) in the R82 release.
It's also why Web SmartConsole still has some limitations compared to the Windows SmartConsole client, though there is currently a major effort underway to close the gaps between the two.

Upcoming Events

    Sort by:
    CheckMates Events