Bob_Zimmerman
MVP Gold

LOM Update Gripes

It's been nearly 20 years, and I have to ask again: does anybody at Check Point actually use the hardware you sell? How are the LOMs still this mediocre?

  • Practically every other update says you can't use the "Preserve configuration" feature, so you get to click through the UI to collect all the config. Forgot to catch some of it before an update wipes it out? Too bad.
  • The LOM's default address almost certainly isn't accessible on your network, so you use a command in clish to set the IP, mask, and gateway so you can access it again.
  • Then you have to go through the LOM's first time wizard, which makes you re-enter the IP, mask, and gateway you just entered. Now you reapply a lot of the configuration, but not all of it. Some isn't covered here, and at the end of the wizard, the card reboots before you can enter the rest.
  • When it reboots at the end of the first time wizard, it throws a browser alert saying the APPLIANCE is rebooting. Panic-inducing for people who don't deal with the LOMs routinely.

Surely this could be improved. Some is really low-hanging fruit, too:

  • The first time wizard should recognize the IP, mask, and gateway the LOM already has, and present those as the defaults in the appropriate fields.
  • The message at the end of the first time wizard should tell you the LOM is rebooting rather than the whole appliance.

 

Better things are possible, though!

My good LOMs have Redfish, so I can just dump all the config programmatically as structured data. No browser involved, no clicking around a slow UI. For that matter, I can push updates to them with a few curl commands! It's entirely scriptable. A management server could learn the LOMs' addresses and track LOM versions, just like it does for the firewalls today. With an API-driven LOM, it could even push updates or config changes for you.
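As an added illustration (not part of the original post and not Check Point code), here is one way to capture a LOM's settings over Redfish before an update and list whatever the update changed or wiped. It assumes the LOM exposes the standard `/redfish/v1/Managers` tree; `flatten`, `crawl`, `drift` and `sample` are hypothetical helper names, and the responses are constructed sample data.

```python
from urllib.parse import urlsplit

def flatten(node, prefix=""):
    """Nested JSON -> {dotted.key: scalar}, so settings compare one by one."""
    if not isinstance(node, (dict, list)):
        return {prefix: node}
    out = {}
    for key, value in (node.items() if isinstance(node, dict) else enumerate(node)):
        out.update(flatten(value, f"{prefix}.{key}" if prefix else str(key)))
    return out

def crawl(fetch, root="/redfish/v1/Managers", limit=500):
    """Breadth-first walk below root; fetch(path) returns that resource's JSON."""
    seen, queue = {}, [root]
    while queue and len(seen) < limit:
        path = queue.pop(0)
        if path not in seen:  # resources reference themselves and each other
            seen[path] = fetch(path)
            for key, ref in flatten(seen[path]).items():
                ref = urlsplit(str(ref)).path.rstrip("/")  # tolerate trailing slashes
                if key.endswith("@odata.id") and ref.startswith(root):
                    queue.append(ref)
    return seen

def drift(before, after):
    """Settings captured before an update that changed or vanished after it."""
    changes = {}
    for path, doc in before.items():
        new = flatten(after.get(path, {}))
        for key, value in flatten(doc).items():
            if "@odata." not in key and new.get(key) != value:
                changes[f"{path}#{key}"] = (value, new.get(key))
    return changes

def sample(fw, ntp):
    """Constructed Redfish responses (not from a real LOM), keyed by path."""
    m = "/redfish/v1/Managers/1"
    return {"/redfish/v1/Managers": {"Members": [{"@odata.id": m}]},
            m: {"FirmwareVersion": fw,
                "NetworkProtocol": {"@odata.id": m + "/NetworkProtocol"},
                "EthernetInterfaces": {"@odata.id": m + "/EthernetInterfaces/"}},
            m + "/NetworkProtocol": {"NTP": {"ProtocolEnabled": bool(ntp), "NTPServers": ntp}},
            m + "/EthernetInterfaces": {"Members": [{"@odata.id": m + "/EthernetInterfaces/1"}]},
            m + "/EthernetInterfaces/1": {"IPv4Addresses": [{"Address": "192.0.2.10", "Gateway": "192.0.2.1"}]}}

before = crawl(sample("1.0", ["192.0.2.53"]).__getitem__)  # dict lookup stands in for an HTTPS GET
after = crawl(sample("1.1", []).__getitem__)
for setting, (old, new) in sorted(drift(before, after).items()):
    print(f"{setting}: {old!r} -> {new!r}")
```

Against real hardware, `fetch` would be a function that performs an authenticated HTTPS GET on the LOM and returns the parsed JSON body.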

2 Replies
Lesley
MVP Gold

Worked with the LOM cards in the Smart-1 6000 and there I don’t see the issue that you listed above. Upgrade of the card now goes via CPUSE. Downside is cpstop start required so that is a bit annoying.
Other cards I have worked with indeed have the issues you described above. 

Vincent_Bacher

What do my weary eyes see there?


@Lesley wrote:

Upgrade of the card now goes via CPUSE.


Where can I see how that works? Am I blind?

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
