This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
emre
Explorer
‎2019-08-20 04:39 AM

how to find conflicts rules in firewall

Hi,


How can i find conflicts or matched rules in firewall rules. I looked at in Compliance blade but I didn't find anything about this.

 

for example, it can told me you can matched rule2 and rule3. Skybox algosec etc. applications can do but I want to do in with checkpoint management

0 Kudos
6 Replies
Tal_Paz-Fridman
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2019-08-21 01:16 AM

The Verifier does that (and blocks Install Policy) for rules hiding one another or when rules are conflicting.

You can run it separately from the Install Policy - go to Menu > Verify Access Control Policy

0 Kudos
emre
Explorer
‎2019-08-21 01:22 AM
In response to Tal_Paz-Fridman

thank you for reply. I know this feature but I want to get more detail information and report. for example, you can merge merge this rules, you can create new group and collect below one rule. other for example, these object didn't used to any rule
0 Kudos
PhoneBoy
Admin
Admin
‎2019-08-25 07:06 PM
In response to emre

We offer this and a whole lot more with the SmartOptimize service: https://www.checkpoint.com/support-services/design-deploy-operate-optimize/smartoptimize/

For unused objects/rules, there are API commands/scripts that can generate a list.
Recommend searching the community.
For "merge these rules" sorts of recommendations, we don't offer any automated tools for this.
0 Kudos
emre
Explorer
‎2019-12-19 01:42 AM
In response to PhoneBoy

Hi,

How can I find unused object in rule.

for instance there is 5 service or source object in rule but PC1 named object didn't ever hit for this rule and I should remove this object in rule

0 Kudos
mdjmcnally
Advisor
‎2019-12-19 01:59 AM
In response to emre

You probably better looking at 3rd Party products such as Skybox or Tufin.

These have this capability in terms of Compliance and Rulebase Optimization, can also help with Firewall Automation as well for Changes.

0 Kudos
PhoneBoy
Admin
Admin
‎2019-12-21 11:32 PM
In response to emre

This is not something we have currently in the product.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events