This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
sdellsperger
Contributor
‎2019-02-07 07:19 AM
Jump to solution

Are there any implied rules on SMB appliances and can I show them?

Hi guys,

We used to configure "standard rules" for gateways, something like this:

SourceDestinationApplicationServiceActionComment
This GWInternetAnyNTPallow
This GWInternetAnyDNSallow
This GWInternetAnyICMPallow
This GWInternetAnyHTTP(S)allow

The goal was to allow the gateway to set up connections for the update service, license service, etc.

Now I tried the connections withous these rules above and it worked without any problems.

I'd like to know:

Are there any implied rules on the SMB appliances, which allow the gateway to connect to the update service, get time updates, etc?

Are there any possibilities to display them?

Thank you.

Best Regards

Severin Dellsperger

1 Solution

Accepted Solutions
HristoGrigorov
Mentor
Mentor
‎2019-02-07 08:21 PM
Jump to solution

I suggest you take a look at this:

https://community.checkpoint.com/docs/DOC-2807-changing-impliedrulesdef-on-locally-managed-smbs 

View solution in original post

6 Replies
HristoGrigorov
Mentor
Mentor
‎2019-02-07 08:21 PM
Jump to solution

I suggest you take a look at this:

https://community.checkpoint.com/docs/DOC-2807-changing-impliedrulesdef-on-locally-managed-smbs 

sdellsperger
Contributor
‎2019-02-08 01:02 AM
In response to HristoGrigorov
Jump to solution

This is what I searched for Smiley Happy

Unfortunately I couldn't find any definition for NTP.

Does someone know, where to find the implied NTP rule?

0 Kudos
HristoGrigorov
Mentor
Mentor
‎2019-02-08 01:22 AM
In response to sdellsperger
Jump to solution

I checked how it is in centrally managed appliances and there is the following rule:

Perhaps there is similar one when locally managed, not explicitly for NTP?

sdellsperger
Contributor
‎2019-02-08 02:53 AM
In response to HristoGrigorov
Jump to solution

Yes it could be, thanks for helpSmiley Happy 

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2019-02-08 02:41 AM
Jump to solution

NTP (UDP 123) is not listed explicitly in implied_rules.def - but if you look inside the file you will see rather complex macros that generate the implied rule base. Just as an addition, we also have this one here: sk119497: Implied rules are generated but not displayed in the Implied Rules view.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
sdellsperger
Contributor
‎2019-02-08 02:56 AM
In response to G_W_Albrecht
Jump to solution

Thanks for the info, as long as it works it's fine for me.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events