As I wrote, I am not an admin.

So that is the issue, ok.

I tried Web Smartconsole, but that doesn't seem to give me the ability to change QoS Policy... (also "Manage policies and layers" is just grayed out)

It wont give that option, since you would not have read write permissions. Is your account read-only or you have custom permissions?

To be sure I was using the admin account (super user).

Does web smartconsole need permissions configured somewhere else?

or is this maybe not available in R81.20 (latest take of SC Web)

No problems, does work, I just tested it. Can you send a screenshot?

Haha, ok..

What you currently require is always only in the next version 😉

Haha, lol. Anyway, guess no choice then 🙂

Yeah no choice but to not update QoS policy.

Legacy editor launched for QoS config doesn't work without admin rights either 😞

Are you not able to use standalone smart console?

No, for initial reason. (non-admin user)

I suppose best thing is to have admin then make those changes.

That won't work. Impossible to explain to anyone that some configuration tools requires admin privs.

Not sure what other option there is mate : - )

The other option is fixing the client so it doesn't require admin privs to use part of it.

Lets see, hopefully at some point it will be available.

Happy New Year!

This is very environment-dependent.

In environments with many administrators or large management databases, a restart can be disruptive and time-consuming.

Definitely something to think twice about before doing it.

Yeah but having requirements which make no sense does not impress any of our security guys actually which give admin permissions.

Will this be fixed?

I presume this will occur as the legacy components are re-implemented or replaced (e.g. in Web SmartConsole).

*access to check point services

Just remember though, its not always black and white picture, as the saying goes. I know people who moved off CP after many many years, because of specific problem that could not be solved, went to another vendor, all was fine for some time, then vulnerabilities started popping up, now they want to go back to CP real bad. 

Something to think about.

Happy New Year!

It's not black-and-white at all.
There are many reasons.

First of all we're not a very big shop, and administering "dinosaur" CP on the side is no longer viable.

Then, we maybe open a case per year in average. A few years ago I was so frustrated with a case where they didn't understand anything at all. For the price this equipment and support costs that is not acceptable. Which is when I promised our sales guy we wouldn't renew. I tend to keep my promises.

I know support is **bleep** everywhere, but that doesn't mean no actions can be taken. Everyone gets a chance.

Concerning vulnerability issues, people say that CP simply doesn't disclose them. I don't know what reality is, but as long as you stay up-to-date and are not stupid enough to put your management interface on the Internet, you're probably generally safe.

We'll see.

Happy New Year! 😄

I see what you are saying. Regardless what you guys decide, hope it all works out!