This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
HristoGrigorov
Mentor
Mentor
‎2018-02-05 10:18 PM

Grouped firewall rules

I would really appreciate a change in WebUI that makes possible to group firewall rules just like in Smart Console. Firewall rules on my appliance are quite a lot already and it becomes more and more difficult to manage then. If I can combine them in groups that can be collapsed or expanded it will make it much more easy to work with them.

4 Replies
G_W_Albrecht
Legend Legend
Legend
‎2018-02-06 02:58 AM

In my experience, the local management GUI is currently taking a lot of CPU from the box; it is suggested to open Embedded GAiA WebGUI only when needed, not for constant monitoring. The SMB appliances are very easily configured when used in Stand-Alone deployment for simple environments. Preferably, only a few rules have to be created and a lot is just configured by defining the corresponding objects. If you want to use a complicated rule base, i would suggest a centrally managed SMB unit and R80.10 SMS. This will give you much more possibilities (services excluded from VPN, user.def, crypt.def, vpn_route.def and many more) without taking performance from the GW.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
HristoGrigorov
Mentor
Mentor
‎2018-02-07 05:16 AM

Thanx for your comments Guenther! I don't know how it is for the others but I can't notice any higher CPU usage as a result of using local WebUI for configuration tasks. I am monitoring it through external syslog and snmp tools so that is not an issue. SMS is out of the question for the moment for financial reasons. I believe change I am asking for is not difficult to implement but it will just make the job a little bit easier for something that is already offered more or less.

0 Kudos
Pedro_Espindola
Advisor
‎2018-02-09 05:42 AM

You are right, CPU usage might not be an issue, but I can see a significant memory impact when using local management.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2018-02-09 05:53 AM

I would say this is different on more powerfull SMB devices - a 620 was very, very slow and unresponsive during TP updates, on a 730 this is much smother. And i still believe that keeping the SMB monitoring page open all the time takes resources from the box, memory, but surely also CPU...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events