This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
kamilazat
Collaborator
‎2024-12-09 03:44 AM

How valid are database domains today?

Hi all!

I've been reading https://dkcheckpoint.blogspot.com/ and noticed that he's talking about database domains:

Database Domains
Management database configuration stored in postgres database is partition into several rational database domains -

1. Global Domain
   - exist in the Security Management Deployment
   - It is
2. User Domain
   - Stores user modify configuration such as network objects and security policies
   - Multi Domain environment, each domain contains a separate user domain type
3. System Domain
  - contains administrator data,
  - Folders
  - Domain
  - Trusted GUI Client permission profile
  - Management settings
4. Log Domain 
  - contains config data of log servers and save queries for application

When I tried to look these up on documentation and SKs, I didn't find anything explanatory, and thought that maybe this is is not as relevant today compared to earlier versions. Maybe they changed the architecture and removed the explanations because they're not relevant anymore.

But wanted to ask anyway, how relevant is this explanation of database domains today in R81.20 and R82? Is there a document that I can read more in detail about it?

 

Cheers!

0 Kudos
(1)
3 Replies
_Val_
Admin
Admin
‎2024-12-09 03:55 AM

Firstly, it would make much more sense to ask the author of the blog, Shyam. 

Secondly, in this particular instance, he is trying to describe a specific Check Point term, Security Management Domain, widely used in Multi-Domain Management systems, in his own words, (in my personal view) very loosely and not exactly accurately. 

It is much better described in the documentation guides, for example here. In that narrative, a security management domain is a valid and quite important term.

Let me know if this helps.


0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2024-12-09 04:23 AM

Adding to what _Val_ wrote you can also check out the relevant section in Check Point for Beginners

https://community.checkpoint.com/t5/Check-Point-for-Beginners/Check-Point-Jump-Start-Multi-Domain-Ma...

 

0 Kudos
Albert_Wilkes
Collaborator
3 weeks ago

Hi Kamilazat,

I believe the domains you mention are still valid. E.g. in this article PhoneBoy is referring to the system domain https://community.checkpoint.com/t5/General-Topics/Getting-SmartConsole-settings-via-CLI/m-p/215476#... and referring to @Omer_Kleinstern who uses mgmt_cli to operate on -d "System Data" .

Possibly this is the same as mentioned in this https://sc1.checkpoint.com/documents/latest/APIs/index.html#introduction~v2%20 and called the "system data domain".

This would align with Shyam's statements that the "system domain" contains "administrator data" which relates well to the statement "To manage administrators and permission profiles, log in to the System Data domain" in the last link.

It'd be great if someone can refer to a comprehensive mgmt architecture documentation. I didn't find anything about the other database domains.

The word "domain" is used in too many contexts in CP. MDS domains, DNS domain objects in the rulebase and now with domains in the postgres database ...

Cheers

Alb

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events