I have a small problem when I want to develop more extensive extensions that interact with a gateway. For example, I want to read information on the gateway and use it in my code.
Every time I call and execute the following function
smxProxy.sendRequest("request-commit", {"commands" : ["run-script script-name 'HA Test' script '…
so I always get the following windows to approve the action.
When the script is executed on the gateway, I still get the success window.
This makes interactive communication with the gateway impossible because I have to keep closing the windows.
I understand that this makes sense from a safety point of view. However, it does prevent you from writing interactive javascript code.
Now my question:
- Is there already a switch in the function "smxProxy.sendRequest " to prevent the windows from being displayed?
- Is there another way around this?
If there is no solution:
- Will you integrate this in the future?
- Or can I make a feature request here?
This does not protect against malicious code being downloaded.
You can also commit the code base64 encoded and and and
Then the user can no longer see it in plain text and the user does not know what he approving.
With the autorefresh and the "smxProxy.sendRequest" + approve window restrictions, you can't really use the SmartConsole Extension for more complex tasks.
From my point of view, this could be approved when installing the app. Here I would set a selection field and point out the dangers to the user. For example like this:
@Ron_Izraeli , @Tomer_Noy , @Alon_Alapi
Maybe you can discuss this with Dorit and then make the api more open.
| User | Count |
|---|---|
| 32 | |
| 22 | |
| 13 | |
| 10 | |
| 10 | |
| 9 | |
| 7 | |
| 5 | |
| 4 | |
| 4 |
Mon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 10:00 AM (CET)
EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Tue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopTue 03 Dec 2024 @ 05:00 PM (CET)
Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsMon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 10:00 AM (CET)
EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Tue 03 Dec 2024 @ 05:00 PM (CET)
Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopWed 04 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 2: Cloud Risk Management Workshop
