Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Kishorilal_CJ
Participant

Automatic rule coding using OPSEC

Hello

we are well aware that R80.10 has got API to perform multiple automation stuffs, whereas we are looking for something in R77.30 , since it takes sometime for us to upgrade the version to R80.10 and I just wanted to check if any possibilities of adding the policy rules from Tufin tool(as one of the approved OPSEC product), to check point policy database, when communication from checkpoint to tufin is possible    

thanks in adavnce

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

The OPSEC API does have ways to modify the rulebase.

Heck, I wrote scripts to modify the rulebase with dbedit Smiley Happy

I believe Tufin can do this, but you should check with them on the specifics.

Kishorilal_CJ
Participant

Thank you for your comments.. would you please share the script link

0 Kudos
PhoneBoy
Admin
Admin

The scripts I wrote were for specific customers.

Most of the specific are covered in the R77 CLI Guide: Command Line Interface R77 Reference Guide 

Keep in mind that while modifying existing rules with dbedit is relatively straightforward, adding a new rule is not since it requires multiple delete/add operations.

The R80 APIs have significantly improved APIs for rulebase manipulation. 

JozkoMrkvicka
Mentor
Mentor

Hi Dameon Welch-Abernathy‌,

Do you remember if the script you wrote using dbedit included also LDAP user groups ? I am struggling how can I add new LDAP group to the existing rule via dbedit (R77.30).

https://community.checkpoint.com/message/35147-r7730-adding-ldap-group-to-the-existing-rule-using-db... 

Kind regards,
Jozko Mrkvicka
0 Kudos
PhoneBoy
Admin
Admin

I did not do that in any of my scripts, but will see if I can get someone from R&D to help on the thread you pointed me at.

JozkoMrkvicka
Mentor
Mentor

Thank you very much Smiley Happy

Kind regards,
Jozko Mrkvicka
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events