This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JozkoMrkvicka
Authority
Authority
‎2019-03-17 09:59 AM
Jump to solution

Cannot delete service from R77.30 Dashboard

Hello friends,

I am doing some clean-up of not needed services on management. Suddenly I got stucked on this one:

image.png

Do someone know where I need to go in order to remove it from all 4 above mentioned rules ? Looks like something related to EndPoint, but we are not using it at all.

Environment: R77.30 MDS

Thank you for any hint.

Kind regards,
Jozko Mrkvicka
0 Kudos
1 Solution

Accepted Solutions
JozkoMrkvicka
Authority
Authority
‎2019-03-19 01:30 PM
In response to Vladimir
Jump to solution

So the issue was solved and object has been deleted.

This procedure is valid only for SMS ! MDS and CMA is not supported (the only way how to get rid of it is to delete reference in GuiDBedit tool).

All what has to be done on SMS is to activate "Endpoint Policy Management", install database, connect via SmartEndpoint application and delete following 2 rules:

image.png

image.png

I have no idea why this was in place, but it might be due to very old environment deployed about in 2010 year ...

Thank you everyone for your time, the story can be closed 🙂

Kind regards,
Jozko Mrkvicka

View solution in original post

0 Kudos
14 Replies
Jerry
Mentor
Mentor
‎2019-03-17 12:24 PM
Jump to solution

they seem to be built-in and based on default funcionality, are you really trying to get a rid of them or it is just an obstruction to your sensitive eyes?no sure but you could most probably delete them by GBedit (DBedit) - have you tried this? IF they claim to be none-removalbe I'm not 100% you could delete them really.
Jerry
0 Kudos
JozkoMrkvicka
Authority
Authority
‎2019-03-17 12:34 PM
In response to Jerry
Jump to solution

The story behind this is that I am going migrate to R80.20 and due to DHCP legacy services I am getting warning to use new DHCP services. In fact this service is simple udp_68 port which was already created since R76.

I have changed the port (and name, as you can see :P) as I am doing it in LAB environment, but I am curious where in the hell I need to go to delete it... This service is 100% removable.

Didnt try GuiDBedit, good hint.

I am currently upgrading to R80.20 and once the upgrade is done I will check this service in SmartConsole.

I will revert back to R77.30 after some checks.

Kind regards,
Jozko Mrkvicka
0 Kudos
PhoneBoy
Admin
Admin
‎2019-03-17 12:28 PM
Jump to solution

Highly recommend getting TAC involved here. https://community.checkpoint.com/t5/General-Topics/How-To-Open-a-Case-with-TAC-and-or-Account-Servic...
0 Kudos
Vladimir
Champion
Champion
‎2019-03-17 12:35 PM
Jump to solution

Were you able to identify the actual rules they are present in by UIDs?

They look and sound like build-in core Actions, not services and if I have to guess, they'll be in the implied rules.

0 Kudos
Wolfgang
MVP Gold
MVP Gold
‎2019-03-17 12:59 PM
Jump to solution

Why you don‘t  leave the „DHCP legacy services“ as they are. The message from the upgrade process will be a warning only.

you can migrate to R80.20 and then use the new DHCP services instead of the old one if needed.

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2019-03-18 01:28 PM
In response to Wolfgang
Jump to solution

Here is how it looks from R80.20:

image.png

Where I can access application EndpointManager ?

Doubleclick nor right/left click are not working (no options).

Kind regards,
Jozko Mrkvicka
0 Kudos
Vladimir
Champion
Champion
‎2019-03-18 01:52 PM
In response to JozkoMrkvicka
Jump to solution

You may not be able to, if you do not have "EndPoint Management" blade enabled on your management server.

The application that is managing it, from my limited understanding, is the "SmartEndpoint" that you should find next to a SmartConsole in the R80.20 Program Group launch menu.

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2019-03-18 02:18 PM
In response to Vladimir
Jump to solution

I do have EndPoint Management blade activated. I did it in R77.30, before upgrading to R80.20. It wasnt activated before.

image.png

 

"SmartEndpoint" is grayed out:

image.png

 

In case I try to manually connect to EndpointManager.exe from R80.20 folder, I am getting this...

image.png

Kind regards,
Jozko Mrkvicka
0 Kudos
JozkoMrkvicka
Authority
Authority
‎2019-03-18 03:26 PM
In response to JozkoMrkvicka
Jump to solution

Looks like I finally find it - not in my environment, but in this YouTube video. There (at around 02:00) you can see that DHCP services are used in some rule. This is exactly what I searched for. Anyway, I cannot access EndPoint from some unknown reason...

Another related YouTube video shows how to activate Endpoint.

Tried to de-activate Endpoint Policy Management blade, install database, re-enable blade again, and voala:

image.png

Thank you for wasting my time 😄

I will give it last change to deploy SMS, import database and try it once again, without MDS/CMA...

 

Kind regards,
Jozko Mrkvicka
0 Kudos
HeikoAnkenbrand
MVP Gold
MVP Gold
‎2019-03-18 03:36 PM
Jump to solution

I think a TAC case might be helpful.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
Vladimir
Champion
Champion
‎2019-03-18 05:17 PM
In response to HeikoAnkenbrand
Jump to solution

Yep. With this thread referenced in SR.

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2019-03-19 11:34 AM
In response to Vladimir
Jump to solution

The original database was gathered from R77.30 SMS, but in my LAB I performed migration from SMS to dedicated CMA. It could be that once SMS is up and running with original database, I can access SmartEndpoint and finally check rules where affected services should be in place 🙂

I will keep you informed, at the moment database is importing.

Kind regards,
Jozko Mrkvicka
0 Kudos
Vladimir
Champion
Champion
‎2019-03-19 12:49 PM
In response to JozkoMrkvicka
Jump to solution

Check the "Desktop" policy.

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2019-03-19 01:30 PM
In response to Vladimir
Jump to solution

So the issue was solved and object has been deleted.

This procedure is valid only for SMS ! MDS and CMA is not supported (the only way how to get rid of it is to delete reference in GuiDBedit tool).

All what has to be done on SMS is to activate "Endpoint Policy Management", install database, connect via SmartEndpoint application and delete following 2 rules:

image.png

image.png

I have no idea why this was in place, but it might be due to very old environment deployed about in 2010 year ...

Thank you everyone for your time, the story can be closed 🙂

Kind regards,
Jozko Mrkvicka
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events