Smart-1 Cloud Limitations

Global objects, global policies, and global rules cannot be shared across environments.

  1. SSH and Remote Access

    SSH access to the Security Management Server is not available. Contact support for actions that require SSH access.

  2. SMTP & FQDN Requirements

    To access an on-premises/cloud SMTP server, you must allow inbound traffic from Smart-1 Cloud FQDNs based on your deployment region:

    • Ireland: eu-west-1.allowed-ips.checkpoint.com

    • N. Virginia: us-east-1.allowed-ips.checkpoint.com

    • Sydney: ap-southeast-2.allowed-ips.checkpoint.com

    • Mumbai: ap-south-1.allowed-ips.checkpoint.com

    • UAE: me-south-1.allowed-ips.checkpoint.com

Important - For information and updates on Smart-1 Cloud external FQDNs and their associated IP addresses, see sk182699.

  • VSX Gateways and VSX Clusters management is not supported.

  • SmartProvisioning is not supported.

  • SmartTasks - the Run Script feature is not supported (only Send Web Request and Send Mail are supported).

  • Auto-complete of dynamic entities (for example, if you enter a source, destination, or service) is not supported.

  • Upgrading Quantum Spark Gateways from Central Deployment Tool (CDT) is not supported.

  • SmartUpdate is not supported.

  • Uploading files to the Package Repository is not supported.

Note - Running these APIs may cause unwanted behavior.

  • run_script on the Management Server object

  • migrate-export-domain

  • put-file

  • SmartTasks

  • CME Automatic Hotfix Deployment is not supported.

  • Migration of an on-premises management database with CloudGuard Network Auto Scaling gateway is not supported. Communication issues may occur between Smart-1 Cloud and the existing CloudGuard Network Auto Scaling gateways.

  • Migrating the on-premises Security Management Server in Full High Availability Cluster mode to Smart-1 Cloud is not supported.

  • Migration from pre-R81 Multi-Domain Security Management Server to a Smart-1 Cloud server fails (see sk180650 for details).

Automatic MEP Topology is not supported.

  • SmartEvent Policies are not supported. It is not possible to configure custom events or automatic reactions.

    Important - The checkboxes for SmartEventSoftware Blades are automatically selected if the user has a corresponding license which is functioning as intended.

  • OPSEC and LEA are not supported.

  • Some widgets in these Views and Reports may not work and return a "Failed to query" error:

    • Views - MTA Live Monitoring

    • Reports - GDPR Security Report, Security Checkup - Advanced

  • Auto-refresh does not refresh the information.

  • Suggestions in Log view are not supported for some values.

  • Cannot search for a specific updatable object in logs.

  • Logs view > Edit profile - Some fields may cause "query failed" error - in this case, open a support ticket.

  • Opening the log file from Logs & Events is not supported.

  • Blobs and packet captures are not supported.

  • SmartView web access through the SmartConsole link is not supported.

    To view logs, use the embedded SmartView functionality in SmartConsole.

  • Integration with third-party tools that use SSH access or OPSEC/LEA to the Management Server is not supported.

  • Known unsupported integrations:

    • ThreatCloud Managed Security Service

Note - This limitation applies only when using the installed SmartConsole.

  • A terminal or jump server supports only one active SmartConsole session at a time.

  • Multiple concurrent sessions from the same terminal or jump server are not supported.

To run multiple sessions, use Web SmartConsole or Streamed SmartConsole.