This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
gianogli
Participant
‎2024-10-18 01:01 AM
Jump to solution

Feature Request - Highlight the policies we have to install when make some changes in an object

We have an environment with 4 clusters and 2 small business appliances all connected to the same management server.

Each one of these cluster/small business have a dedicated policy but they are sharing the same set of objects.

When we make changes into the objects to implement something in a specific policy of a specific cluster we are not able to know if these changes could impact also other clusters or not. (Now it's not so easy to verify where all the X modified objects are used when you have Y policies with Z rules; with X, Y and Z as large as desired).

What normally happens is that we make some changes in an object used in the cluster A, but we forgot that the same object is used also into the cluster B and C. Se we install the policy on cluster A until some user phone us to tell that something is not working as expected.

Our request is: in a future release, could you add a feature to highlight all the policies that we have to install to implement all the commits made up to that point?

What do you think?

Thanks...

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2024-10-18 11:53 AM
Jump to solution

You can figure this out easily enough by using "Where Used" on any object you modify.

image.png

 

This will show every policy is used in and where:

image.png

 

Of course, it won't tell you what policy packages are applicable to which gateways.
You might want submit this as an RFE.

 

View solution in original post

4 Replies
PhoneBoy
Admin
Admin
‎2024-10-18 11:53 AM
Jump to solution

You can figure this out easily enough by using "Where Used" on any object you modify.

image.png

 

This will show every policy is used in and where:

image.png

 

Of course, it won't tell you what policy packages are applicable to which gateways.
You might want submit this as an RFE.

 

gianogli
Participant
‎2024-10-20 11:56 PM
In response to PhoneBoy
Jump to solution

Hi @PhoneBoy ,

yes, I know the "Where Used..." feature but it's not "user friendly" for  this purpose at all.

In this way you tell us that after each commit where we modified X objects we've to check X "Where Used..." windows and write in a sheet of paper the list of policy we've to install. This procedure could be useful when you have 2 policies and you change 3 objects in a commit, but if you have 10+ policies and you change 50 objects in a commit it becomes impracticable.
We will surely open an RFE when we will plan the next EA2GA installation... 😉

Thanks anyway for your support. 😎

PhoneBoy
Admin
Admin
‎2024-10-21 01:15 PM
In response to gianogli
Jump to solution

This is something that could theoretically be accomplished by means of a script calling the API.
At a high level, you would:

  • Call show-changes between revisions, review the operations output for the added/modified objects
  • For each object identified, run where-used

Based on that, you would know what policy layers/package are potentially impacted by the changes.
You could even install-policy for the affected gateways.

(1)
the_rock
Legend
Legend
‎2024-10-18 12:49 PM
Jump to solution

RFE is your best bet.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events