Re: Replacing RSS in SupportCenter

PhoneBoy · ‎2024-07-18

With the recent reimplementation of SupportCenter, we've had to rebuild various features and functionality that previously existed.
This includes the various ways our customers/partners are notified of changes to SK.
As of now, we've reimplemented email subscriptions for various items, including:

Product and Security Alerts
Specific SKs
Specific Products (or even all)

The Product/Security Alerts are sent same day.
The other SK updates are collected and sent in batch on Sundays.

However, there have been many requests for an RSS feed like we previously had.
Unfortunately, a big problem with RSS is that feed readers tend to handle the data quite differently.
We are, therefore, looking at other options.

I had a meeting with the SupportCenter team today and there are a couple of possible options:

Have a webpage with recent SK updates
Exposing the data via API in JSON (thus making it usable in other systems)

Based on the comments in this thread: https://community.checkpoint.com/t5/General-Topics/RSS-feed-for-checkpoint-com-is-not-working-any-mo...
I believe these are steps in the right direction.

However, we'd like to hear your feedback on the issue.

Lesley · ‎2024-07-19

I personal would like to see a page with new SK's and updated SK's. (Can also be e-mail)

Especially if there is an important SK for example regarding a CVE, you would like to be aware when something has changed and more info has been added. Would save time on pressing the refresh button and check if it has changed.

Also keep this in mind, i don't think you can open up all SK's via API and everyone can read it. Without the proper support contracts:

There are three access levels in SecureKnowledge: General, Advanced and Expert:

General access to SecureKnowledge is available to everyone, without registration.

Extended access to more advanced information is by your Support contract, certification, and or participation in specific Partner programs:

Advanced users see the information available to General users, plus the information in the Advanced level.
Expert users see the information available to General, Advanced and Expert users.

Also free bump to the top of the page!

-------
If you like this post please give a thumbs up(kudo)! 🙂

PhoneBoy · ‎2024-07-21

The SK team showed me a page they have for internal purposes that, with some modifications, could fit the bill here.

I believe the only restriction on Advanced/Expert now is you need to be logged in.
This changed a while back (before the new SupportCenter).
The previous RSS feed only showed the basic information (sk and title), so you still needed to login to retrieve the SK content.
The JSON equivalent would be similar, only showing basic information that lets you know the SK was updated.

In any case, I’d like to see what others have to say on the topic.

Paul_Chamberlai

RSS feeds for CVSS disclosures hugely help in the automation of alerting and incident creation. (sorry for swearing in my next sentence). Fortinet, Palo Alto and and I think even Cisco provide this.

Nik_Bloemers · ‎2024-07-21

The webpage option would suit my needs perfectly. It sounds like it would resemble the RSS reader feed closely.

Petr_Hantak · ‎2024-07-22

Both options sounds great to me. Webpage with recently updated sounds handy. I loved simple setup of RSS on topics which I wanted to follow.

API with JSON data could be great alternative. I know about huge pile of SKs whiuch I want to follow ideally with some automation, so we can be easily alerted that is some new update there. One example for all - hotfixes (builds) on Quantum Spark SW versions. There is always one SK, but builds are replaced there during time and devices themselves do not notify you when is new build of same SW version available, so you need to check SKs periodically.

Henrik_Noerr1 · ‎2024-08-05

The new support page is an ok solution to get an overview of newly released SKs.

I would like to have this expanded to a json api solution as well.

To make it really shine I think you need to expand an API to more areas.

CVEs

Improve the way we can get a CVE overview, both on supportcenter and though API.

The overview one can get over CVEs on Check Point products are really lackluster compared to every other vendor.

They are few (thanks!) - But when it happens it seems the whole Check Point organization is suddenly awoken, and *every* channel is sending me info on this. I think the latest vpn CVE showcased this brilliantly. I want a central page / api endpoint where I can get a clear timeline over released CVE info affecting the specific products I am interested in. Look for official Cisco CVE pages for how to do this - which is also accessible through API and RSS

Jumbo HF

The API should allow giving latest and recommended take for every major release.

EOL

The API should give info models and software releases for EoL information.

Support / Account portal.

The API should allow for various information,

- users created and access rights

- devices, licenses and license state from the portal. Even allow me to pull a license over the API.

I know you want to push buying into the Check Point PRO and Blocks offering, but I do think this can exist side by side.

The key thing is that you allow your customers using their own tooling. A nice frontend from you is fine, but I care little about checking for EoL dates when it can be done programmatically.

/Henrik

Ted_Serreyn

It all depends on what the goal here is. If we are trying to limit the ability for people to get the information, then eliminate it. RSS feeds are still a standard for reading using third party news readers. If I’m required to login to my news sources, I have a tendency to drop them as the information quickly becomes too hard to obtain. I have the same problem with news articles behind paywalls. If you want people to read the information, IMHO, we should make it as easy as possible to obtain and stay updated on it.

Are you a member of CheckMates?

Replacing RSS in SupportCenter