Open Frames Download Complete PDF Send Feedback Print This Page

Previous

Next

SmartProvisioning User Interface

In This Section:

Main Window Panes

SmartProvisioning Menus and Toolbar

Working with SmartProvisioning Menus and Options

Main Window Panes

The main SmartProvisioning window has separate panes, each with its own purpose and each with a different connection to the other panes.

Tree Pane

The tree pane provides easy access to the list of objects that you can view and manage in the work space.

Workspace Pane

The view of the workspace pane changes according to the object selected in the tree.

  • Devices workspace - Use this workspace to manage gateways and other device objects, such as clusters.
    • To show the Devices workspace, click Devices in the tree.
    • To see a Device workspace by type of configuration, select Device Configuration, and then the configuration option.

  • Profiles workspace - Use this workspace to manage Provisioning Profiles. Click Profiles in the tree.

  • Status - Shows dynamic status of devices. Click Status in the tree.

Status View

The information in the Status View pane depends on whether you select Action Status or Critical Notifications.

Status_View

Action Status

For each device upon which you initiate an action, you can view the status and details of the action performance:

  • Name: The name of the action.
  • Action type: The type of action. See SmartProvisioning Menus and Toolbar
  • Start Time: The time when the action actually began on the selected gateway.
  • Status: The current status of the action, dynamically updated.
  • Details: Relevant notes.
  • Results: Click the Result link to open the Run Script window and see the results of this script.

Critical Notifications

For each device that has a critical status or error, you can view the status of the gateway, its Security Policy (if the device is a SmartLSM Security Gateway), and its Provisioning Profile (if it is assigned to a Provisioning Profile).

Gateway Status Indicators

Indicator

Description

OK

Gateway is up and performing correctly

Waiting

SmartProvisioning is waiting for status from the Security Management Server or Domain Management Server

Unknown

Status of gateway is unknown

Not Responding

Gateway has not communicated with Security Management Server or Domain Management Server

Needs Attention

Gateway has an issue and needs to be examined

Untrusted

SIC Trust is not established between gateway and Security Management Server or Domain Management Server

Policy Status Indicators

Indicator

Description

OK

Gateway is up and performing correctly

Waiting

SmartProvisioning is waiting for status from Security Management Server or Domain Management Server

Unknown

Status of gateway is unknown

Not installed

Security policy is not installed on this gateway

Not updated

Installed security policy has been changed; gateway should fetch new policy from Security Management Server or Domain Management Server

May be out of date

Security Policy was not retrieved within the fetch interval

Provisioning Profile Indicators

Indicator

Description

OK

SmartProvisioning Agent is installed and operating

Needs Attention

Device has an issue and needs to be examined

Agent is in local mode

Device is in maintenance mode

Uninitialized

Device has not yet received any provisioning configurations

Unknown

Status of provisioning is unknown

SmartProvisioning Menus and Toolbar

This section is a reference for the menus and toolbar buttons in SmartProvisioning. The menu commands that are available at any time depend on the list that is displayed in the work space.

To access menu options, click the Launch Menu button on the toolbar and then access the specified menu.

For example, the File > New command enables you to create new SmartLSM Security Gateways when the Devices work space is displayed. When the Profiles work space is displayed, File > New enables you to create a new Provisioning Profile.

The table below lists the menus and explains their commands. Some of the commands have toolbar buttons that you can use to access the same functionality.

Menu

Command

Description

For further information

File

New

Define new SmartLSM Security Gateway or Provisioning Profile

See Creating SmartLSM Security Profiles

See Adding UTM-1 Edge SmartLSM Security Gateways

See Creating Provisioning Profiles

 

Export to file

Export objects list to file

See Export to File

 

Exit

Close SmartProvisioning

 

Edit

Edit gateway

Edit selected gateway

See Overview of Managing Gateways

 

Delete SmartLSM Gateway

Delete selected gateway; only for devices with SmartLSM Security Profiles

See Deleting Gateway Objects

 

Profile Details

Edit selected Provisioning Profile

See Using Profiles to Provision Gateways

 

Find

Find specific object in visible list

See Find

View

 

Toolbar

Show/Hide Toolbar

 

Status bar

Show/Hide Status View pane

See Main Window Panes

Status View

Show/Hide Status View pane

See Status View

Menu Bar

Show/Hide Menu Bar above Toolbar

 

Clear All Filters

Clears all the configured filters

See Filtering Columns

Show/Hide columns

Open the Show/Hide Columns window and select the data to be displayed in the work space

See Show/Hide Columns

Manage

Open Selected Policy

Open SmartDashboard to edit Security Policy installed on selected SmartLSM Security Gateway

SmartLSM Security Policies

 

Open Selected Policy

(Read Only)

Open SmartDashboard to view Security Policy of selected SmartLSM Security Gateway

 

Custom Commands

Add/Edit user-defined executables to run on remote gateways

See Executing Commands

 

Select SSH Application

Provide pathname to SSH application for remote management of devices

See SSH Applications

Actions

Push Dynamic objects

Push values resolved in SmartProvisioning to SmartLSM Security Gateway

See Dynamic Objects

 

Push Policy

Push values resolved in SmartProvisioning to SmartLSM Security Gateway

See Immediate Gateway Actions

 

Maintenance > Stop Gateway

Stop Check Point services on selected gateway

See Remotely Controlling Gateways

 

 

Maintenance > Start Gateway

Start Check Point services on selected gateway

 

Maintenance >
Restart Gateway

Restart Check Point services on selected gateway

 

Maintenance > Reboot Gateway

Reboot the device

 

Get Status Details

Open Gateway Status Details

See Viewing Status of Remote Gateways

 

Get actual settings

Fetch configuration settings from device to management server

 

 

Packages

Software management

See Actions > Packages

 

Update Corporate office gateway

Update a CO Gateway to reflect changes in managed gateways

See Remotely Controlling Gateways

 

 

Updated Selected Corporate Office Gateway

Update selected CO (available when CO gateway is selected)

 

Advanced Permissions

Create a custom script

See Running Scripts

 

Backup

Create a backup image

See Immediate Backup of Security Gateways

 

Push Settings and Action

Immediate execute of Backup and fetch of profile settings

See Applying Changes

 

Define UTM-1 Edge cluster

Configure two UTM-1 Edge SmartLSM Security Gateways for high availability

See UTM-1 Edge clusters

 

 

Remove UTM-1 Edge clusters

Disassociate the two members of a UTM-1 Edge Cluster

 

Run SmartProvisioning Wizard

Opens SmartProvisioning wizard from Overview page

See SmartProvisioning Wizard

Window

Access other SmartConsole clients

Help

View version information and open online help

Actions and Packages

The Actions menu also includes the Packages menu. Package commands enable you to manage software on Security Gateways and SmartLSM Security Gateways.

These commands are not relevant or available for UTM-1 Edge gateways. To manage the software of UTM-1 Edge devices, use the UTM-1 Edge portal (right-click > Launch UTM-1 Edge Portal).

The table below describes the commands of the Packages menu. See Managing Software to learn more about managing Check Point software packages with SmartProvisioning.

Packages Menu

Package command

Action

Reference

Upgrade all packages

Download Security Gateway software upgrade from Package Repository and install all contained packages on selected gateway

See Upgrading Packages with SmartProvisioning

Distribute package

Download Hotfix or HFA from Package Repository and install on selected gateway

See Distributing Packages with SmartProvisioning

Pre-install verifier

Verify that an installation is needed and possible

See Verifying Pre-Install

Get Gateway data

View installed Check Point packages on selected Security Gateway.

See Viewing Installed Software

Working with SmartProvisioning Menus and Options

This section describes SmartConsole customizations and general functions.

Find

You can search for strings in SmartProvisioning.

To open the Find window

  1. Select Edit > Find.
  2. In the Look in field, select a column header to search for the string in a specific data type:
    • All Fields
    • Name
    • IP/ID: Format of IP address; tracking ID for logs
    • Product: Check Point product, platform, or operating system
    • Security Profile
    • Provisioning Profile
    • Policy Name
    • Last Applied Settings
    • Gateway Status: Use a valid status string
    • Policy Status: Use a valid status string
    • Provisioning Status: Use a valid status string
    • Maintenance Mode: Yes or No

Show/Hide Columns

You can customize the information displayed in Device lists.

To customize Device list columns:

  1. Select View > Show/Hide Columns.
  2. In the Show/Hide Columns window, select the check boxes of the columns that you would like to be displayed.
  3. Clear the check boxes of the columns that you would like to hide.
  4. Click OK.
  5. To hide a column, right-click the column header and select Hide Column.

Filter

You can filter a Devices workspace for more convenient displays.

To filter the list:

  1. Select the Devices workspace.
  2. In Look for, enter the filter text.
  3. From the In drop-down list, select the filter category that you want. You can select one of these filter categories:
    • All: The filter number or text is applied to all the filter categories. (Default)
    • Name: name of the gateway and icon indicating its type (Security Management server, Domain Management Server, SmartLSM Security Gateway, UTM-1 Edge SmartLSM Security Gateway, Check Point host, Mobile Access).
    • IP/ID: unique ID in the form of an IP address, used to track logs generated from a Gateway, even if it changed its external IP address.
    • Product: Name of the Check Point platform used for the Security Gateway.
    • Version: Check Point software version for the Security Gateway.
    • Provisioning Profile: Name of the Provisioning Profile.
      This field is blank if the Security Gateway is not enabled for provisioning.
    • Last Applied Settings: Date and time that the Security Gateway definition was last changed.
    • Security Profile: Name of the last installed Security Profile.
    • Gateway Status: Current status of the Security Gateway.
    • Policy Status: Current status of the Security Policy.
    • Provisioning Status: Current status of the provisioning settings.

Filtering Columns

You can filter columns in Devices and Devices Configuration displays according to the content of that column.

To filter a column:

  1. In the tree, select Devices or the Device Configuration display.
  2. Right-click the column heading and select Filter > Add/Edit Filter.

    The Advanced Filter window opens.

  3. Configure the filter settings for that column.
  4. Click OK.
  5. To clear the filter settings, right-click the column heading and select Filter > Clear Filter.

Export to File

If you prefer to track your managed devices in other programs, you can export the SmartProvisioning objects list.

To export SmartProvisioning data to a file:

  1. Select File > Export to File.
  2. Click Export To.

    The Export to File window opens.

  3. Provide a name for the file and select a type: MS Excel, Web, CSV, Text, or All (to create your own extension).
  4. Click Save.
  5. Select the file options that you want:
    • Show Headers: Select to include the column headers.
    • Use the following Delimiter: Select Tab as a delimiter between data, or select Other and specify the delimiter you want. (This is disabled for MS Excel and Web page file types.)
  6. Click OK.

    The file is created. A dialog box opens, with the message
    File '<pathname>' created successfully.

  7. Click Open File to view the exported file in a relevant application.

SSH Applications

SSH applications provide management features for remote devices. This feature is supported by SecurePlatform and Gaia.

Selecting a Default SSH Application

If you have not yet opened an SSH application, you can provide the path from within SmartProvisioning. The first time you select an SSH application, choose a default application from Manage > Select SSH Application. Each subsequent time that you want to open an SSH terminal, you can right-click on any object whose operating system is SecurePlatform and select Launch SSH Terminal.

To select an SSH application for the first time:

  1. Select Manage > Select SSH Application.
  2. Select Your SSH Client.
  3. In the SSH Client Connection Attributes section, choose a predefined application template, such as Putty or SecureCRT, or create your own by selecting Custom. Verify that the Connection Attributes match the syntax required for your selected SSH terminal application, where <IP> refers to the device's IP address.
  4. When the required syntax for the specific application appears in the Connection Attributes field. Click OK.

Launching an SSH Application from Network Objects

After you have selected a default SSH application for the first time, you can launch it from any object whose operating system is SecurePlatform.

To launch the default SSH application from a Network object:

  1. Right-click on a Network object
  2. Select Launch SSH Terminal.

    The SSH terminal opens and automatically calls the object's IP address from its last known IP address.

Web Management

You can use the Web management portal to manage Security Gateways. This is especially useful with remote gateways that need individual changes, or system administration management.

To use the WebUI to manage a Security Gateway:

  1. Right-click a Security Gateways and select Launch Device Management Portal.

    A web browser opens to https://<IP_address>.

  2. Log in with the administrator user name and password.

    The features available from the WebUI enable you to manage networking, routing, servers, and many other local device configurations.

 
Top of Page ©2014 Check Point Software Technologies Ltd. All rights reserved. Download Complete PDF Send Feedback Print