This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jose_Ramon_Rodr
Participant
‎2019-02-25 04:44 AM

How can a specifc VS be reached from a SmartCenter with the sk103154 script?

Hi.

We are trying to implement the sk103154:

How to block traffic coming from known malicious IP addresses

We got to send from a SecurePlatform SmartCenter (no MDS) the script to the Gaia firewall VSX 0 but we haven't found the way to send it to another VS under it. If we specify the name of the firewall in SmartDashboard it doesn`t work. The IP of the Gateway Object of those specific VS aren't reacheable for the SmartCenter.

Any ideas?

Thanks.

0 Kudos
7 Replies
Danny
Champion Champion
Champion
‎2019-02-25 05:23 AM

Hi, your SmartCenter is still running on SecurePlatform? Time for an upgrade mate.

However, you can't login into a VS directly. So you need to adjust the script to login into the vs0 first and then change to the relevant VS id.

0 Kudos
Jose_Ramon_Rodr
Participant
‎2019-02-25 05:29 AM
In response to Danny

Actually, it's the lab environment: in production we have recent hardware and software versions and probably won't have this issue becouse I hope we'll be able to reach the gateways by their names. But we wanted to test the solution previously there.

I'll study the script, thank you.

0 Kudos
Jose_Ramon_Rodr
Participant
‎2019-02-25 05:32 AM
In response to Jose_Ramon_Rodr

By the way... that adjustment in the script should be done also in production environment if it has MDS to VSXs? Or it is just with SmartCenter to VSX?

Thanks.

0 Kudos
Danny
Champion Champion
Champion
‎2019-02-25 05:34 AM
In response to Jose_Ramon_Rodr

It's the same in your production environment as you can't login into a VS directly.

0 Kudos
Jose_Ramon_Rodr
Participant
‎2019-02-25 05:39 AM
In response to Danny

So sk103154 script only works in stand-alone environments where management server can reach directly the firewalls, doesn't it?

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2019-02-25 10:55 AM

What type of script are you actually trying to run on the VS? It may help us help you to know what you are trying to achieve, is it the block_IP script from that SK or is it something else?

Maybe you should look at cprid_util, a tool to run commands/scripts from the management server. see SK106490

Regards, Maarten
0 Kudos
Jose_Ramon_Rodr
Participant
‎2019-02-25 10:33 PM
In response to Maarten_Sjouw

It's the SK script. We made it work but only connected with the VS 0: we couldn't give the VS X as an argument via the text file where you assign the gateways you want to be covered by it.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top