- Products
- Learn
- Local User Groups
- Partners
- More
Firewall Uptime, Reimagined
How AIOps Simplifies Operations and Prevents Outages
Introduction to Lakera:
Securing the AI Frontier!
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
SharePoint CVEs and More!
Hello Guys,
is it possible to limit the access for a user that has access to the management server, only to get view and/or access to dedicated firewalls that are present on the management server?
Thanks
Concerning what can be done in Dashboard: No, permissins are not that granular - see here how it can be restricted: https://sc1.checkpoint.com/documents/R82/WebAdminGuides/EN/CP_R82_SecurityManagement_AdminGuide/Cont...
For access to the Security Gateway machine you can set individual Gaia administrators per machine with specific roles.
In Gaia Portal go to - User Management > Users or Roles
The Multi-Domain Management is the sholution for this:
https://www.checkpoint.com/quantum/multi-domain-security-management/
Akos
This is not the solution - remember how expensive MDM licenses are, so if you need one SMS to manage your gateways, you will not pay x-times its price to get such options. I also do not know if this granular access does not only concern CMAs (as each CMA could have a different admin, a concept that makes sense).
True, I had such kind of discussion with one of our customer. They didn't buy MDS....
I believe what @Tal_Paz-Fridman said also makes lots of sense to me. See attached.
Andy
NO - the question is about granular admin rights on SMS by Dashboard (user that has access to the management server can only view and/or access dedicated firewalls on the management server), not about GAiA portal access on different gateways.
thanks for the answers so far ...so it will not be so easy to archive
Rather impossible - only by using one CMA per GW in MDM, which is very expensive...
Better use admins that are trustable and let them swear on the bible that they will only touch their GW in Dashboard 😉 As all actions are recorded, you can always trace who did what when on which rule or GW...
:D:D ok that workaround is even better, we will do that 😉
FWIW, here is what AI Copilot said, though to me, does not seem like it would work for you : - (
Andy
Yes, it is possible to limit the access for a user to only view and/or access dedicated firewalls on the management server. This can be achieved by creating specific permission profiles and assigning them to the user. Here are the steps to do this:
Create a Permission Profile:
Assign the Permission Profile to the User:
Limit Access to Specific Firewalls:
By following these steps, you can ensure that the user has limited access to only view and/or manage specific firewalls on the management server.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
User | Count |
---|---|
24 | |
16 | |
4 | |
4 | |
3 | |
3 | |
3 | |
3 | |
3 | |
2 |
Tue 07 Oct 2025 @ 10:00 AM (CEST)
Cloud Architect Series: AI-Powered API Security with CloudGuard WAFThu 09 Oct 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: Discover How to Stop Data Leaks in GenAI Tools: Live Demo You Can’t Miss!Thu 09 Oct 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: Discover How to Stop Data Leaks in GenAI Tools: Live Demo You Can’t Miss!Wed 22 Oct 2025 @ 11:00 AM (EDT)
Firewall Uptime, Reimagined: How AIOps Simplifies Operations and Prevents OutagesAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY