Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Zachi_Schnieder
Employee
Employee

SMB Mobile Application

Hi All,

By the end of this week, we are planning to start an EA program of our new SMB Mobile Application (WatchTower)

Main features:

  • Push notifications for immediate reaction on security and network events
  • Easily Manage and switch between multiple security gateways with a single login
  • Monitor your network and security status via simplified statistic pages (Traffic, Events, etc.)
  • On top of the above, there are many other important features.

 Restrictions:

  • Supports only locally managed appliances
  • Supported by 700/1400 only
  • Supported by R77.20.86 (EA firmware) and Above

If you wish to participate, please send me an Email to zachis@checkpoint.com

Thanks,

Zachi Schnieder

SMB project manager | Check Point SW Technologies

40 Replies
HristoGrigorov

Is it going to be available for centrally managed units as well ?

G_W_Albrecht
Legend
Legend

Why should that be ? I see no additional features compared to central management and SmartEvent, except the use of mobile phones...

CCSE CCTE CCSM SMB Specialist
Naftali_Oziel
Collaborator

that's the feature value, the mobile part!

0 Kudos
G_W_Albrecht
Legend
Legend

Yes, that surely is a valuable feature ! In a SMB company, the CEO will now be able manage his FW from the dining table or cocktail lounge . But although you are able to block attached clients and get notified of events, you can not change policy or configuration...

CCSE CCTE CCSM SMB Specialist
Zachi_Schnieder
Employee
Employee

Hi Hristo,

Currently is only for Local management units

Zachi_Schnieder
Employee
Employee

Hi All,

By the end of this week, we are planning to start the EA program of our new SMB mobile application (WatchTower)

If you wish to participate, please send me an Email tozachis@checkpoint.com

Thanks,

Zachi Schnieder

SMB project manager | Check Point SW Technologies

0 Kudos
PhoneBoy
Admin
Admin

I've had a chance to play with this already. 

While I echo the feedback that this would be great for centrally managed SMB units as well, I'm pretty impressed with this overall!

Definitely makes it easier for me to see what's going on at home while I'm traveling the globe to be with my CheckMates Smiley Happy

Highly recommend getting involved in the EA if there is any interest.

0 Kudos
Naftali_Oziel
Collaborator

Thanks Dameon, I will be getting involved with EA, only concern is stability of build 823 trying to avoid a similar situation to build 701/731.   Need to test in a controlled environment and not sure if it's production ready?

G_W_Albrecht
Legend
Legend

I would not use an EA product in a production environment !

CCSE CCTE CCSM SMB Specialist
Naftali_Oziel
Collaborator

Thanks, completely agree and my lab is currently unavailable so it makes it difficult to drive the EA.   If I may ask for a favor since you're running it in a lab, do you find it to consume more memory/CPU anything out of the ordinary when using it with the app to check for status of firewall?   My main concern is the resource consumption.

0 Kudos
G_W_Albrecht
Legend
Legend

I can not see that as my LAB unit is usually not under load and i have no longer-term RAM/CPU history graph that would be able to show that. All i did check was the App itself and the blocking functionality.

CCSE CCTE CCSM SMB Specialist
0 Kudos
Naftali_Oziel
Collaborator

Ok thank you

G_W_Albrecht
Legend
Legend

I also did quick checks for my LAB SMB GW with the EA during the weekend, and i really do like the product ! What i was not able to locate is:

- Security policy configuration: remote management of your security policy via web UI.

- Simple management of multiple gateways: configure the security settings for multiple gateways.

I did not find any item connected to the current policy or configuration yet...

CCSE CCTE CCSM SMB Specialist
0 Kudos
Naftali_Oziel
Collaborator

Zachi Schnieder‌ Hi Zachi are you able to comment on this part?

0 Kudos
Naftali_Oziel
Collaborator

Instructions from Zachi

In case upgrade was performed from R77.20.85 firmware to the new one (R77.20.86), please follow the instructions below and make sure the relevant parameters are updated as required:

 

In your WebUI, go to Device->Advanced Settings page:
1. Search for “Mobile Settings - Notification cloud server URL” and set it to https://smbcloud-dev-api-gateway.kube1.iaas.checkpoint.com/notifications/mobile/send

2. Search for “Admin Lockout – Mobile application session timeout” and set it to 30

G_W_Albrecht
Legend
Legend

Apart from the fact that i did follow these instructions - why did you include that here ? We will hope that for one, the default of the GA App will be correct and two, that better installation instructions will be provided, 

CCSE CCTE CCSM SMB Specialist
0 Kudos
Naftali_Oziel
Collaborator

Why not?  is this not a forum for EA and exchange of information?  The "don't shoot the messenger" applies.  Simply forwarded instructions provided to me for the EA.  yes agree, and hope while not a strategy that GA will not require any tuning of such kind. 

0 Kudos
G_W_Albrecht
Legend
Legend

The cited proverb means making the messenger responsible for the bad news he brings, but you have brought us no news at all ! As everybody taking part in the EA testing has already received these instructions, this is rather only a space-consuming non-message, as nobody will profit by duplicating the instructions that have been forwarded to all participants already...

CCSE CCTE CCSM SMB Specialist
0 Kudos
Naftali_Oziel
Collaborator

Have a great day! Glad the news I brought you was not interpreted to be bad news....

0 Kudos
Tom_Hinoue
Advisor
Advisor

Sent a feedback regarding the EA through our local SE Smiley Happy

Overall nice looking and good experience, except I could not locate where I could change the gateway settings as Günther already cited in this thread.

One thing... it maybe an gateway side problem (R77.20.86 EA Build 990172823) but the blocking/unblocking infected devices feature is not working smoothly for me... has anyone experienced similar issues?

e.g. I can block the host remotely from the app so it cannot access the internet, but unblocking or removing the host from the infected devices list seems to not remove it completely from the implied block rule; the host cannot access the internet though I unblocked it. (of course included in my feedback)

Also, blocking the infected host makes it not access the internet, but still could ping outside, I wonder if this is by design. (for troubleshooting?)

0 Kudos
PhoneBoy
Admin
Admin

I noticed there was a short delay between block/unblock action.

Also yes you can still ping even when blocked.

Tom_Hinoue
Advisor
Advisor

Hi Dameon, thank you for clarifying the pinging part.

Regarding the block/unblock action, I will check again in my lab if there are any issues.
I hope its just an delay as you mentioned... (that we can wait for 

0 Kudos
Naftali_Oziel
Collaborator

Hi Tomohiro, if I may ask for a favor as my lab is down and have not been able to participate as expected for the EA program.  Aside from testing the Mobile App, have you noticed any changes in behaviour from the device in terms of memory/cpu consumption?  Fully understand this may not be in full load in a lab environment, simply curious.

Thanks,

0 Kudos
Tom_Hinoue
Advisor
Advisor

Hi Naftali.
Honestly, I think I wont be able to answer your concerns regarding the performance of the device firmware itself, and also I believe the environment I have wont be relevant to the overall performance (at the moment) since I'm focusing on the functionality of the some new features (including mobile app) in this EA program rather than firmware stability. 


I think the environment will differ on the management mode and what blades/policy configuration you have other than simply the load. (btw, I focus mainly on locally managed 700s)

0 Kudos
Naftali_Oziel
Collaborator

Thanks Tomohiro

0 Kudos
G_W_Albrecht
Legend
Legend

I would assume that there is not much load generated by the app - after loading the data form the GW, things happen locally. I have tested that with a monitoring script ...

CCSE CCTE CCSM SMB Specialist
0 Kudos
Naftali_Oziel
Collaborator

Thank you, appreciate the information.

0 Kudos
G_W_Albrecht
Legend
Legend

IMG_2679[1].PNG  IMG_2683[1].PNG  IMG_2662.PNG

IMG_2676[1].PNG  IMG_2677[1].PNG  IMG_2675[1].PNG

CCSE CCTE CCSM SMB Specialist
0 Kudos
G_W_Albrecht
Legend
Legend

Hoooray - i finally have found it !  It is in Tab Settings behind the three points in the upper right corner:

Here it is ;-)Here it is 😉

CCSE CCTE CCSM SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events