Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
mohit
Explorer

Need urgent help on the below topics

 

  • I am making controls that run on clish mode and expert mode like show inactivity timeout and also remediate it using the positive and negative identifier.
  • I need help in using smart console command line, I cannot find things that can be set in the smart console using the command line.
  • I have found four controls of smart console which, can be set like warning messages but I want to know that blades can be enabled or disabled using the command line.
  • I also want to know about the best security practice and features of the checkpoint firewall which will affect any organization in a positive way.
  • The goals that I want to achieve is that I have to make controls, for example, enabling blades like ips, VPN, threat prevention, etc. using the command line.
  • I also want to know that its possible or not?
  • For example, I have made controls like "Show password control password length," so the positive identifier here means is that what should be the best password range, which is hard to crack. Negative means easy passwords like four letters only.
     

 

0 Kudos
2 Replies
Sigbjorn
Advisor

Hi,

You have many questions, but not enough information to get accurate answers.

In regards to the API, it is starting to become complete, and if you play around with generic-object, you can pretty much solve any challenge today.

I suggest you start by reading the API Documentation, it should answer most of your questions.

https://sc1.checkpoint.com/documents/latest/APIs/index.html#introduction~v1.5%20

 

0 Kudos
PhoneBoy
Admin
Admin

Enabling and disabling blades means modifying the gateway object and pushing policy which can be done from the CLI.
However, if you're actually in SmartConsole, why not use the actual GUI to do things?
The CLI in SmartConsole is different from the other CLIs in that it's only meant to work with the management APIS.

On passwords in particular, "guessability" is a function of length and complexity.
A long password of purely upper and lower case letters can be just as unguessable as a shorter, more complex password.
There's also the factor of what users are willing to enter.
There is therefore some debate on what the “best practice” is in this area.
0 Kudos