This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
kramer97
Explorer
‎2021-02-24 06:56 AM

SmartConsole Versions

Hi all,

I'm just curious, if I install SmartConsole 80.30, can I manage firewalls and devices which are running R77 or even 80.10? Or does the smart console versions have to match 1:1 to the firewall os infrastructure versions?

Thanks

0 Kudos
6 Replies
PhoneBoy
Admin
Admin
‎2021-02-24 08:42 AM

No, you have to have the precise version of SmartConsole/SmartDashboard as the management server you are connecting to.

0 Kudos
Bob_Zimmerman
Authority
Authority
‎2021-02-24 11:02 AM
In response to PhoneBoy

Expanding on this, in case there's some confusion. Check Point's product involves several parts.

SmartConsole goes on a Windows workstation. It is the visual interface which lets you define objects and rules, but it doesn't store any of them, and it doesn't process traffic.

SmartCenter is an application which is often installed on Check Point's OS. For a while, it could be installed on Windows, Solaris, or Redhat, but I don't know if that is still the case. It is a service which stores the objects and rules defined using SmartConsole. It has no GUI of its own, though you can interact with current versions using an API, and a command-line tool which interacts with this API. It is not involved in processing traffic.

I no longer know the proper name for the firewall itself (it was Firewall-1 for a while, then VPN-1), but it's a separate piece of software. For a while, it could be installed on Windows, Solaris, or Redhat, but this was really rare, and I'm pretty sure that hasn't been supported in years. Remotely current firewalls mostly run Check Point's "appliance" OS, GAiA. The firewall filters traffic, but has no GUI of its own, and has very limited ability to change the filtering configuration.

The SmartCenter and the firewall can be installed on the same system (called a "standalone deployment"), or you can have one SmartCenter which manages one or more firewalls (called a "distributed deployment".

The SmartConsole version and the SmartCenter version must match.

In a standalone deployment, SmartCenter and firewall version must match.

In a distributed deployment, a SmartCenter of a given version can manage several earlier firewall versions. For example, R80.20 can manage R77 firewalls. Some SmartCenter versions can manage newer minor versions. For example, SmartCenter R80.20 can, with an update, manage R80.40 firewalls, but it cannot manage R81.

G_W_Albrecht
Legend Legend
Legend
‎2021-02-25 01:34 AM
In response to Bob_Zimmerman

From the R80.40 Release Notes:

Supported Platforms

Check Point Product

Red Hat Enterprise Linux

VMware ESXi

Microsoft Hyper-V*

Security Management Server

7.3 or higher

5.x, 6.x

Windows 2012 R2, 2016 (64-bit only)*

Multi-Domain Security Management Server

7.3 or higher

5.x, 6.x

Windows 2012 R2, 2016 (64-bit only)*

Security Gateway

Not Supported

5.x, 6.x

Windows 2016 (64 bit only)

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Bob_Zimmerman
Authority
Authority
‎2021-02-25 05:21 AM
In response to G_W_Albrecht

So management is no longer supported on Solaris or Windows, and firewall is no longer supported on RHEL either. Good to know. Even in 2010, installations on OSs other than Check Point's trimmed Linux distribution (SecurePlatform at the time) weren't common. IPSO was the second most common I saw, and it's gone now.

0 Kudos
PhoneBoy
Admin
Admin
‎2021-02-25 11:09 PM
In response to Bob_Zimmerman

Solaris was last supported back in the R65 days at least for management.
Windows and IPSO were last supported in R77.30.

0 Kudos
the_rock
Legend
Legend
‎2021-02-24 02:46 PM

Yes, you can...as long as fw are lower versions that mgmt, you can manage them.

 

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece
    In-Person

    Tue 25 Mar 2025 @ 09:00 AM (EDT)

    Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!
    In-Person

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap
    In-Person

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events