This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Martin_van_Eden
Participant
‎2018-08-16 08:37 AM

R80.10 CloudGuard Controller and Azure ? Please rollback to jumbo take70 !

So guys,

I'm busy onboarding to Azure right now and was looking forward to automate stuff using the CloudGuard controller on my on-prem management servers and the CloudGuard IaaS gateways in Azure.


My whole environment is on almost the latest patch level; R80.10 Jumbo T112.


I was very suprised to learn that for the controller to be able to import Azure datacenter objects I would have to install a hotfix ( sk120464 - R80.10 CloudGuard Controller / vSEC Controller Hotfix v1 ) that requires me to revert to Jumbo T70 (15 Jan 2018) !

I opened a SR and it was communicated to me that RnD currently has no plan to make vSec Controller Hotfix v1 to be available on any higher take Jumbo hotfix environment.

Only solution that was proposed was moving towards R80.20 Management Feature Release, which has the hotfix build in.
I'm reserved on moving to the latest and greatest when I'm perfectly happy with my current R80.10 management.

Is it strange to expect a functional Check Point - Azure integration using R80.10 on a current patch level ?
What do you guys think ?

Regards,

Martin

6 Replies
Lloyd_Crosby
Contributor
‎2018-08-16 12:01 PM

I personally would of requested as to why the won't do a port fix. Call me paranoid, but when I get that response I push hard for logical reason for them not either integrating the fix into another jumbo. That's one reason they could be not creating a portfix, it's going to be integrated. That or they are not going to the supporting R80.10 in the near future. I saw that on the support side when R76 was showing to be a lemon release.

If I got that response I would request the reason as to why they are not porting it, unless there is a major change to the backend there should be no logical reason that there shouldn't be a port fix... just imho.

-Lloyd

0 Kudos
Arnfinn_Strand
Employee
Employee
‎2018-08-17 01:04 AM

Hi, 

sk120464 - R80.10 CloudGuard Controller / vSEC Controller Hotfix v1, is not a requirement to import objects from Azure (or AWS, NSX and more).

This hotfix has these new features, and some fixes.

What's New

  • Integration with Google Cloud Platform
  • Integration with Cisco ISE
  • Integration with Nuage Networks VSP
  • Automatic license management with the vSEC Central Licensing utility
  • Starting with Jumbo Hotfix Accumulator Take 20, support for R76SP.50 60000/40000 Security Platforms
  • Integration of monitoring capabilities into SmartView

Azure is supported with R80.10 and any Jumbo, so if you don't need any of the new features or fixes, you are good to go.

Arnfinn

Martin_van_Eden
Participant
‎2018-08-17 04:45 AM
In response to Arnfinn_Strand

Hi Arnfinn,

The 'import' option is not available after configuring a Datacenter connection to Azure.
Hence the Service Request I made.

See the screenshots below.
Azure Datacenter connected

Import function not available

Below the available import option on a R80.10 T70 + hotfix management server in my lab.

Import option available

So I'm pretty sure I need the hotfix on my R80.10 environment to work with Azure Datacenter objects.

Regards,
Martin

0 Kudos
Merav_Sapir
Employee Alumnus
Employee Alumnus
‎2018-08-19 11:11 PM
In response to Martin_van_Eden

Hi,

As stated above, no need to install any hotfix on top of R80.10 in order to import objects from Azure.

There are several ways to import data center objects -

1. Via the objects explorer on the right by clicking right-button on the data center and selecting import. This is the option described above and is indeed introduced only in the hotfix.

2. Via the + button in the policy . Simply select the relevant cell in the policy (Source/Destination) and then import as seen below. This option is available for all versions including R80.10 with any jumbo hotfix on top.

Regards,

Merav Sapir

CloudGuard controller R&D Team Leader

Martin_van_Eden
Participant
‎2018-08-20 05:25 AM
In response to Merav_Sapir

Wow, thanks Merav !

That did the trick. I was focussed on the objects explorer import function only.
I did not know of the other way and neither did the engineer on my SR.
I will point him towards this thread.

Glad to learn that I do not need to downgrade or upgrade.

Regards,

Martin van Eden

0 Kudos
Lloyd_Crosby
Contributor
‎2018-08-20 05:53 AM
In response to Merav_Sapir

Ok, now that's cool.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events