This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Matlu
MVP Silver
MVP Silver
‎2025-05-04 07:13 AM

Management API Usage

Hello, everyone.

 

Can anyone guide me with the easiest way to automate object creation, and then after that add the objects to a particular group with the Management API.

We have massive requirements where we get more than 60 IPs per request, to add them to our MDS, and little experience with using ansible or python.

Are there any commands or templates to help me with the deployment of the Management API, that also allow the installation of policies in your process?

We have many Perimetrics where we have to submit changes on a recurring basis.

Thanks for the comments

0 Kudos
5 Replies
Amir_Senn
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2025-05-04 07:38 AM

Hi,

We had a few solutions here in the CheckMates forum, you can browse the API discussion board and choose the option you feel the most comfortable with.

CheckMates API board: https://community.checkpoint.com/t5/API-CLI-Discussion/bd-p/codehub

One of the solutions offered is the following SK: https://support.checkpoint.com/results/sk/sk113078

MGMT API references:

Add host: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/add-host~v2%20

Add host to group: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/set-group~v2%20

Kind regards, Amir Senn
the_rock
MVP Platinum
MVP Platinum
‎2025-05-04 11:22 AM

Hey bro,

Did what Duane Toler give you last time help? Ansible method, that is.

Andy

Best,
Andy
0 Kudos
Tal_Paz-Fridman
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2025-05-05 04:15 AM

Adding to what @Amir_Senn wrote to look at the Management API Best Practices:

https://sc1.checkpoint.com/documents/latest/APIs/index.html#tips_best_practices~v2%20

 

0 Kudos
Tomer_Noy
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2025-05-05 11:15 PM

If this is a recurring pattern, in which you need to add those ~60 weekly IPs to the same few groups, it might be worthwhile to evaluate the use-case and consider alternatives.

For example, if those 60 IPs are malicious / bad reputation IPs that you want to block, then instead of automating them into a group and pushing policy, consider using IoC feeds for blocking in Threat Prevention blades, or a Network Feed that can be placed into a FW policy block rule.

If those IPs are going into a few certain groups that are effectively owned by another team for opening traffic to certain resources, you can also consider a Network Feed with an allow rule, and either fill in the feed yourself or allow that other team to control it.

Using the above alternatives will save you the need to push policy to all your gateways after every update, and will "de-clutter" your Management as you won't need all those host objects.

0 Kudos
PhoneBoy
Admin
Admin
‎2025-05-06 08:11 AM

Depending on the versions/use case, using the API is not necessary.
For a list of IPs, you're probably better off using something like a Network Feed which just reads a file off a webserver with the IPs (or processes JSON output).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events