Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tal_Ben_Bassat
Employee
Employee

🚀 This Month’s Spotlight: 4 Features You Should Start Using Today - August 2025

 

Welcome Back to Our Quantum Management Spotlight

Every month, we shine a light on powerful features in Quantum Security Management’s SmartConsole that make your job easier, your environment cleaner, and your decisions sharper. These aren’t add-ons - they’re already included in your system, just waiting to be used.

This month, we’re spotlighting four features that every security admin should start using today.

 

🚀 This Month’s Spotlight: 4 Features You Should Start Using Today

 

  1. Hit Count in the Rulebase - know what rules truly matter

 

What it is:

 Hit Count in the rulebase shows how frequently each rule in your Access Control or NAT policy matches traffic. You can view counts as numerical values, percentages of total traffic, or tiered levels (Very High, High, Medium, Low, Zero).

Use cases:

  • Spot unused rules: Quickly identify Zero-hit rules and clean them out.
  • Optimize performance: Shift high-traffic rules upward to improve efficiency.
  • Validate policies: Confirm that critical rules are acting as intended.

Why you’ll love it: 💛

  • Instant clarity – See real traffic impact without enabling logging.
  • Already on – Hit Count is enabled by default so you can start right now.
  • Cleaner policies – Keep your rulebase lean and relevant.

🆕 New in R82.10 and from R82 Jumbo Take 36
One of the most anticipated enhancements: you can now search rulebases by hit count values (both Access and NAT policies) directly in SmartConsole and the Management API.
Example: quickly find all Zero-hit rules for cleanup, or all rules exceeding 10,000 hits.
This capability streamlines audits and large-scale policy tuning.

How to view & filter Hit Count in the rulebase:

  1. In the rulebase, right-click the header row → Hits to show the column.
  2. Right-click any rule to choose timeframe (Day, Week, Month, 3 Months) and display format (Value, Percentage, Level).
  3. Use the new search bar to find rules by hit count value or range.
  4. Optional: Export CSV (now includes "Hits", "First Hits", "Last Hits").

Documentation & References

Also supported in the latest Web SmartConsole release for both SMC and MDS. Requires the latest Jumbo Hotfix update.

 

Hits column in policy:  

Tal_Ben_Bassat_0-1754938918102.png

 

 Search by hits:

Tal_Ben_Bassat_1-1754938918121.png

 

----------

  1.  Where Used + Replace (Even with “None!”)

 

What it is:

Many admins are familiar with the Where Used feature - it instantly shows every location where a specific object is used, whether in Access Control policies, NAT rules, groups, or elsewhere. What fewer people realize is that you can go a step further: 

  • Replace the object with another one - everywhere it’s used - in one action.
  • Pro tip: You can even replace it with “None, instantly removing it from all rules and objects in one sweep.

Use Cases:

  • Bulk cleanup – Retire obsolete objects everywhere without manually editing each rule.
  • Object replacement - Swap an old server object for a new one across your entire environment.
  • One-click cleanup using Replace with None to remove unused or temporary objects everywhere they appear.

 Why You'll Love It: 💛

  • Massive time saver - turn what used to be hours of manual cleanup into seconds.
  • Error-proof - ensures no forgotten references are left behind.
  • Full coverage - works in Access Control, NAT, and group definitions.

How to Use It:

  1. Right-click an object in the Object Explorer or directly in the rulebase.
  2. Select Where Used to see all locations.
  3. Review the full list of all locations the object is used.
  4. Click Replace:
    • select another object or
    • choose None to remove the object from all rules in one action.
  5.  Apply the change and Publish.

 

Right click on object:

Tal_Ben_Bassat_2-1754938918137.png

 

Where Used menu:

Tal_Ben_Bassat_3-1754938918142.png

 

Tal_Ben_Bassat_4-1754938918148.png

 

----------

  1. Session Take-Over - regain control instantly

 

What it is

The Session Take-Over feature in Check Point SmartConsole allows administrators to assume control of another user's session.

This is particularly useful when sessions are left open, potentially blocking critical changes or when an administrator is unavailable.

Use Cases:

  •   Resolve stale sessions: Quickly take over sessions that are no longer active or have been abandoned.
  •   Emergency access: Gain immediate access to perform urgent configurations or troubleshooting.
  •   Collaborative workflows: Facilitate teamwork by allowing multiple administrators to work on the same session.

Why You'll Love It: 💛

  •  Enhanced productivity: No need to wait for another administrator to finish their session.
  •  Improved security: Prevent unauthorized changes by ensuring only active sessions are in use.
  •  Seamless collaboration: Work together efficiently without session conflicts.

How to Use It:

  1.  In SmartConsole, navigate to Manage & Settings > Sessions.
  2.  Locate the session you wish to take over.
  3.  Right-click on the session and select Take Over.
  4.  Confirm the action when prompted.

 Note: The ability to take over sessions requires appropriate permissions configured in your user profile.

               

Take over menu:

Tal_Ben_Bassat_5-1754938918159.png

 

Operation completed:

Tal_Ben_Bassat_6-1754938918163.png

 

View on the other session side:

Tal_Ben_Bassat_7-1754938918165.png

 

----------

  1. Custom Views in SmartView - tailor your monitoring experience

 

What it is:

Custom Views in SmartView allow administrators to create personalized dashboards that display specific data relevant to their monitoring needs. These views can include real-time traffic statistics, system counters, VPN tunnel statuses, and more.

Use Cases:

  •   Focused monitoring: Create views that concentrate on specific gateways, services, or user groups.
  •   Historical analysis: Set up views to analyze traffic patterns over defined periods.
  •   Performance tracking: Monitor system counters and VPN tunnel statuses to ensure optimal performance.

Why You'll Love It: 💛

  •   Personalized dashboards: Design views that align with your specific monitoring requirements.
  •   Enhanced visibility: Gain insights into areas that matter most to your operations.
  •   Efficient troubleshooting: Quickly identify issues by focusing on relevant data.

How to Create a Custom View:

  1.  In SmartView, select New View.
  2.  Choose the type of view you wish to create (e.g., Traffic, Counters, Users).
  3.  Define the data sources and filters for your view.
  4.  Customize the layout and appearance to suit your preferences.
  5.  Save the view and access it anytime.

New View:

Tal_Ben_Bassat_8-1754938918173.jpeg

 

Example to new view:

Tal_Ben_Bassat_9-1754938918183.png

 


 Why these features deserve your attention

Each of these four tools is already part of your Quantum Security Management platform:

  • No extra licensing required
  • Easy to activate and use
  • Immediate, tangible benefits

Whether it’s cleaning up your policy, responding faster in emergencies, or improving visibility, these tools help you work smarter.

 

Ready to Elevate Your SmartConsole Experience?

Start using these features today.

Have feedback or a feature you’d like to see next month? Drop us a line at QuantumMgmt‑Feedback@checkpoint.com .

Missed our first spotlight? Catch up here:.
This Month's Spotlight: 3 Features You Should Start Using Today

 

 

(5)
7 Replies
Lari_Luoma
Ambassador Ambassador
Ambassador

Let me add here what you should STOP using.

1. Install-on field on rules. 
Create a separate policy for each security gateway/cluster.

2. Manual NAT-rules
Use manual NAT only for complex NAT where you will have to translate source and destination or port.
In all other cases use automatic NAT. It keeps your environment a lot less complex.

3. Rules that have tens of objects
Consolidate rules when possible, use simple object groups (avoid nested groups though) and allow access based on identities instead of IP-addresses.

4. Large policies with no structure
Use unified policies with inline layers, use section headers and add a comment to each rule.

5. Ordered layers
Use unified policies rather than having a separate policy for every access control blade

(1)
Daniel_Kuhl1
Employee Employee
Employee

Great tips!

0 Kudos
Stephanie_MDO
Employee
Employee

Is there an API option to the replace feature? I did not see that option in the API guide.

 

0 Kudos
Tomer_Noy
Employee
Employee

API for "replace where-used" will arrive in one of the upcoming JHFs.

We added it to enable this functionality in an upcoming Web SmartConsole as well.

Daniel_Kuhl1
Employee Employee
Employee

Immediately after reading the tips I was searching through the API documentation for the replace feature and wanted to ask the same question. 😂

0 Kudos
Daniel_Kuhl1
Employee Employee
Employee

Thanks for sharing.

0 Kudos
Amir_Senn
Employee
Employee

You can also find new views/reports in SmartEvent toolbox in the following link:

https://community.checkpoint.com/t5/SmartEvent/bd-p/SmartEvent

Kind regards, Amir Senn
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events