Reply
Highlighted
Accepted Solution

NetMRI with FireWall CheckPoint

ODS
Techie
Posts: 7
4810     0

Hi there,

 

Since 3 weeks, our fire-wall CheckPoint Gaia is managed with NetMRI => config file collected.

But from the first time NetMRI collected the config, CheckPoint add a line in the config file :

# Exported by admin on Fri May 25 14:03:18 2018

 

So every 90 minutes, NetMRI collect the file because of that.Each time it collect the config, CP change it after with this line. And after this 3 weeks, I have have more than 700 files archived with few changed in it ...

 

Is there a way to ignore this by NetMRI ???

May be it's a CheckPoint question .....

 

Thanks.

Re: NetMRI with FireWall CheckPoint

Adviser
Posts: 410
4811     0

I would open a case we can modify the DBS to fix that issue Smiley Happy

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

Re: NetMRI with FireWall CheckPoint

[ Edited ]
ODS
Techie
Posts: 7
4811     0

What DBS means ?

 

I guess its DataBase settings ....

 

Btw thanks a lot for the info Smiley Very Happy

Re: NetMRI with FireWall CheckPoint

Adviser
Posts: 410
4811     0

It's DSB Smiley Happy  I got it wrong the first time

 

Device Support Bundle

 

It how NetMRI manage the devices

 

Sif

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

Re: NetMRI with FireWall CheckPoint

Expert
Posts: 253
4811     0

I agree with Sif that the best solution is to get the official DSB for the device updated to mask that line.  That's assuming that the particular Checkpoint model is already a supported device.  Not knowing how long that might take to get through Engineering's queue, there is another way that you can do the masking yourself by creating a mini DSB.  It's an XML file that performs config collection post processing and can identify and ignore "noise" lines.  You would need to edit the basic file for the particulars of the exact Checkpoint model, as well fill in the "what is noise" and "what to do with it" sections.

 

Re: NetMRI with FireWall CheckPoint

ODS
Techie
Posts: 7
4811     0

Hi,

 

The current CheckPoint Firewall is supported (version R77.30) and there is only 1 line I want to skip during comparison.

I think I will head to the solution to create the DSB that will be a good paractise cause I'm new with NetMRI.

 

Thanks a lot, this community here is a really good help for me Smiley Happy

 

Re: NetMRI with FireWall CheckPoint

sakishore
Techie
Posts: 5
4811     0

We currently have a custom DSB created with a noise filter which filters lines like the following from the config file.

 

"# Exported by admin on Fri Dec  7 08:48:42 2018"
 
This was created for Checkpoint firewalls. I have created an article KB 9927 with the DSB file attached to it and you could import it into NetMRI by going to Settings > Setup > Device Support Bundles > Import arrow from top right hand side of the window > Select file > Import > Actions > Validate DSB > after validating please test the DSB against any Checkpoint device.
 
 
-Kishore 
Showing results for 
Search instead for 
Do you mean 

Recommended for You