This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
johnnyringo
Advisor
‎2023-04-19 10:44 AM

Can't activate Monitoring blade on R81.10 Cluster PAYG in Google Cloud

As the title states, we've launched a few R81.10 clusters inside Google Cloud Platform with a PAYG license.  The error message when pushing policy is:

No sufficient licenses installed for Security Gateway with Monitoring Blade.  If you do not intend to use SmartView Monitor, please uncheck this product from your Security Gateway(s)

Other blades like Content Awareness, URL Filtering, VPN, and IDS/IPS/Anti-Bot have been activated and operating fine.  

I am able to activate the blade on BYOL licenses without issue, so this seems specific to PAYG. 

 

checkpoint_cant_enable_monitoring_blade.png

0 Kudos
15 Replies
the_rock
Legend
Legend
‎2023-04-19 10:50 AM

Thats exactly reason why it fails. I cant recall is there is a way to get around it, but will double check my notes.

0 Kudos
johnnyringo
Advisor
‎2023-04-19 12:09 PM
In response to the_rock

Well, yeah, LOL.  Always fun when you do a PAYG license and pay 3x as much for something that doesn't even work.

0 Kudos
the_rock
Legend
Legend
‎2023-04-19 12:18 PM
In response to johnnyringo

Tell me about it LOL. Anyway, Im still trying to find what was final outcome.

0 Kudos
johnnyringo
Advisor
‎2023-04-19 01:02 PM
In response to the_rock

Thanks, appreciate the reply as it's helping me maintain mental sanity.  Per usual, I'm getting gaslit by Checkpoint support as they're claiming the Monitoring blade "only works on management server".

0 Kudos
the_rock
Legend
Legend
‎2023-04-19 01:05 PM
In response to johnnyringo

No offense, but wheoever told you that, either they confused mgmt with gateway, or they had not done any checking. Monitoring blade is SPECIFIC to gateway only, you cant even enable it on the mgmt server, as its not possible and even if it was, it would be utterly pointless/useless.

0 Kudos
johnnyringo
Advisor
‎2023-04-19 01:08 PM
In response to the_rock

No offense to me.  That's exactly what I told them.  And I'm not even a Checkpoint expert by any means.  

the_rock
Legend
Legend
‎2023-04-19 01:09 PM
In response to johnnyringo

All that person had to do is spend 30 seconds and open demo dashboard (not even working lab), edit mgmt object and see exactly what we said. 

0 Kudos
PhoneBoy
Admin
Admin
‎2023-04-21 12:48 PM
In response to johnnyringo

TAC is correct, the monitoring blade is, in fact, a Management license.
In my "All-in-One" evaluation license, I see the SKU CPSB-MNTR associated with the other parts of my Management license.
It's also noted as such in the Product Catalog:

image.png

0 Kudos
the_rock
Legend
Legend
‎2023-04-21 01:07 PM
In response to PhoneBoy

Thats true, license is spsb-mntr installed on mgmt server, BUT, the feature itself is ONLY available on the gateway, not management server.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-04-21 01:52 PM
In response to the_rock

You can't enable it on a Management Server, yes.
However, in order to enable it on managed Security Gateways, your management management must have a license that includes CPSB-MNTR.

the_rock
Legend
Legend
‎2023-04-21 01:53 PM
In response to PhoneBoy

Yes sir, 100% agree 👍

0 Kudos
johnnyringo
Advisor
‎2023-04-21 02:30 PM
In response to PhoneBoy

We're using PAYG for the management server as well.  So....I guess paying an astronomical rate for a PAYG license isn't good enough and we have to shell out some more dough?  

 

(1)
PhoneBoy
Admin
Admin
‎2023-04-21 02:46 PM
In response to johnnyringo

You should confirm if your management includes this feature by checking the output of cplic print and looking for CPSB-MNTR in the license string.
To the best of my knowledge, it should be included in current management SKUs.

0 Kudos
johnnyringo
Advisor
‎2023-04-21 02:48 PM
In response to PhoneBoy

Yeah already did that and it's not there.  TAC closed the case this morning for this reason.  

I've re-opened the TAC case, but looks like this is yet another one for the legal department to handle.  

PhoneBoy
Admin
Admin
‎2023-04-21 03:19 PM
In response to johnnyringo

If you haven't already, I recommend reaching out to your Check Point SE regarding this.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events