cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Employee
Employee

Threat Prevention Installed Version Number - SmartConsole R80.X

When filtering logs we would like to be presented the Installed Version number for Threat Prevention AV, AB, Threat Emulation, ETC blades. Installed IPS Version is included, but other Threat Prevention Blades are not configurable. The use case is when the security team finds an incident, they would like to historically track the Version that was currently installed at that time. Where it would be helpful is both in the Gateway Object and the Logs. 

Here are some images on where we'd like to see the Installed Version Number presented. Installed Security Version Object LevelLog Level Threat Prevention Installed On

2 Replies
Danny
Pearl

Re: Threat Prevention Installed Version Number - SmartConsole R80.X

I like your suggestion for improvement of the product. As you are a Check Point employee it should be very easy for you to open an internal RFE (request for enhancement).

In the meantime your end user could simply right-click on each gateway shown in your screen shot, select 'Scripts > Scripts Repository...' and create a simple Bash script that queries and shows all required details for the specific gateway.

0 Kudos
Vladimir
Pearl

Re: Threat Prevention Installed Version Number - SmartConsole R80.X

I actually would like to add to Bien's question:

The logs, irrespective on when they are generated, show the latest update time in Unix Epoch format:

Which hardly adds any value to the log entry.

Can the time/date stamps be normalized and the version active at the time of execution logged instead of the last update?