Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tomer_Sole
Mentor
Mentor

Infinity R80.10 "Cool Feature of the Day" - Show changes since last policy installation

The R80 platform is built based on revisions. On the back-end, every time an admin publishes his changes, a database revision is created with only the delta changes that were made by the admin. This is an important building block of the platform that we utilize in many ways. You can read more about this at https://community.checkpoint.com/thread/5064-r8010-architecture-overview 

So when you click on Install Policy and select the policy to install, SmartConsole is able to show you all the changes that were published since the previous policy installation. 

Clicking the link brings the revisions view, filtered to only show the relevant sessions that happened after the revision that was installed on the gateway. Inside the revisions view, the bottom pane pulls the changes that were linked to the selected session from the audit logs.

You can open this dialog per specific-gateway as well. 

This gives you a way to verify what exactly will be pushed to each gateway, prior to installing the policy. You can review these changes, and potentially decide to postpone the policy push in favor of changing some of the elements.

2 Replies
Timothy_Hall
Champion
Champion

I'd love to see a checkbox added next to View Changes that would be per-administrator and persistent across policy installations.  When set, this new checkbox would always throw the list of Revisions shown in the second screenshot above into the administrator's face, and force them to close it before actually installing policy.  While it is a great habit to always hit View Changes before installing policy, when set this new checkbox would automatically show the administrator what other published sessions (including those that were created by someone else earlier) are about to be deployed to the gateway.

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Gaurav_Pandya
Advisor

Yes. This is a great feature of R80.10 and plus point is that we can see the changes by which administrator made which changes and go back to that particular changes.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events