This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jokkeri67
Participant
9 hours ago

Using SmartMove in Provider-1

Hi,

 

I am using SmartMove to import rulebase from Fortinet to Check Point. My management is Provider-1. I have run SmartMove from Fortinet with no errors. I have policy.sh and objects.sh files done. What might be right folder in Provider-1 so that rules/objects go to DMS that I want? For example if DMS is Customer_DMS.

Should I just move DMS using mdsenv Customer_DMS and then go to which folder?

Rgds, Jouko

0 Kudos
5 Replies
Vincent_Bacher
MVP Silver
MVP Silver
8 hours ago

I suppose you’re talking about multi-domain management.

As for the scripts, it’s been far too long since I last did that. What I do remember is that the shell scripts contain API commands. That’s why they aren’t copied into the customer directory but into a temporary working directory, where they’re run in the correct order.

I can’t quite recall exactly what the scripts look like, but if they contain mgmt_cli commands, for example, then the commands may need to be adapted to create the objects/policies in the correct domain/CMA.

The lads who use this more often will certainly be able to explain it better and in more detail.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
Hugo_vd_Kooij
MVP Gold
MVP Gold
8 hours ago

I don't recall Provider-1 having API access. But those were different days 😉

I suppose you can pretty much use the same tooling against a domain on a Multi-Domain Server when compared to running the tooling against a SmartCenter.

But you may have to adjust the resulting scripts/ccode a bit.

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Kudos
Martijn
Advisor
Advisor
7 hours ago

Hi,

A few month ago I migrated a Fortigate to Check Point and I needed to import the policy in a excisting SmartCenter.
I did the following:

- Migrate the Fortigate policy to Check Point with SmartMove.
- Create a SmartCenter in the lab and import the policy using the SmartMove procedure.
- Check if everything is OK.

Use the following tools: GitHub - CheckPointSW/ExportImportPolicyPackage

- Export the policy from the lab SmartCenter with the above tools.
- Import the policy in the DMS on the MDM server. The tool has the option to specify a domain.
- If it is an excisting environment, don't forget the option to skip duplicate objects.

If you have an option to test the whole procedure in a lab environment, I would advice you to do so.

Good luck.

Martijn

0 Kudos
jokkeri67
Participant
6 hours ago

Hi,

I was able to import to Provider-1 objects and rules when I added this to script:

-> mgmt_cli login -r true -d Customer -v 1.1 > id.txt

 

Vincent_Bacher
MVP Silver
MVP Silver
6 hours ago
In response to jokkeri67

Exactly what i meant when creating my reply. So please accept my reply as solution 🤣

Just kidding. Happy that it's solved! 👍

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events