This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
CP_SA
Participant
‎2020-01-02 09:56 AM

Disable Automatic Policy Pushing

Good Afternoon -

Can someone please shed some light on how we can stop our 3150 Mgmt station from automatically pushing policy to our configured SMB gateways.

We have each gateway object configured to fetch policy manually, but our management station attempts to push everyday at 1200 EST even though we do not have anything explicitly scheduled on the Mgmt station or the gateways.

I have a feeling this is going to be something simple that has been overlooked!

 

Thanks!!

0 Kudos
3 Replies
Wolfgang
Authority
Authority
‎2020-01-02 12:03 PM

Hello,

are sure with automatic push of policy ?

That‘s an upcoming feature in a future release.

If you have SMB gateways and configure these with Smartprovisioning, they do a fetch of the policy every 20min .

That‘s the only automatic policy install I‘m aware of. Maybee some schedule job via API do this.

Wait, one more idea.... Maybee you did an update of your IPS pattern every 1200EST and do an policy install if update is succesfull. This is configured in the ThreatPrevention policy in the updates part.

Wolfgang

0 Kudos
CP_SA
Participant
‎2020-01-02 12:29 PM
In response to Wolfgang

This is a good suggestion!  

Smart Provisioning was not used for these gateways.

We DO have:  'Enable IPS scheduled updates on the Security Management Server and Security Gateway' 

                        'On Successful IPS update on the Security Management Server, install policy on the Security Gateway'

And I think that you are on the mark!

These lines appear to be the culprit  ---> 'Access Control policy installation will be performed for Pre R80 gateways'

                                                                         'Threat Prevention policy installation will be performed for R80 and above gateways'

All of our SMBs are on R77.20.87 - hence, the access control policy gets pushed. We really only want the Threat Prevention to push automatically, but it looks like we are stuck with it for now.

Thank you!!!

 

 

 

 

 

 

 

0 Kudos
Wolfgang
Authority
Authority
‎2020-01-02 12:46 PM
In response to CP_SA

Yes, with the SMBs running these release you can‘t differentiate between access and ThreatPrevention policy. You have to wait for R80.xx for SMB appliances. At the moment it‘s only available for 1500 appliances.
Check Point R80.20 for 1500 Appliances Features and Known Limitations 

Wolfgang

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events