SmartProvisioning User Interface

In This Section:

Main Window Panes

The main SmartProvisioning window has separate panes, each with its own purpose and each with a different connection to the other panes.

Tree Pane

The tree pane provides easy access to the list of objects that you can view and manage in the work space.

Workspace Pane

The view of the workspace pane changes according to the object selected in the tree.

Devices workspace - Use this workspace to manage gateways and other device objects, such as clusters.
- To show the Devices workspace, click Devices in the tree.
- To see a Device workspace by type of configuration, select Device Configuration, and then the configuration option.
Profiles workspace - Use this workspace to manage Provisioning Profiles. Click Profiles in the tree.
Status - Shows dynamic status of devices. Click Status in the tree.

Status View

The information in the Status View pane depends on whether you select Action Status or Critical Notifications.

Status_View

Action Status

For each device upon which you initiate an action, you can view the status and details of the action performance:

Name: The name of the action.
Action type: The type of action. See SmartProvisioning Menus and Toolbar
Start Time: The time when the action actually began on the selected gateway.
Status: The current status of the action, dynamically updated.
Details: Relevant notes.
Results: Click the Result link to open the Run Script window and see the results of this script.

Critical Notifications

For each device that has a critical status or error, you can view the status of the gateway, its Security Policy (if the device is a SmartLSM Security Gateway), and its Provisioning Profile (if it is assigned to a Provisioning Profile).

Gateway Status Indicators

Indicator	Description
OK	Gateway is up and performing correctly
Waiting	SmartProvisioning is waiting for status from the Security Management Server or Domain Management Server
Unknown	Status of gateway is unknown
Not Responding	Gateway has not communicated with Security Management Server or Domain Management Server
Needs Attention	Gateway has an issue and needs to be examined
Untrusted	SIC Trust is not established between gateway and Security Management Server or Domain Management Server

Policy Status Indicators

Indicator	Description
OK	Gateway is up and performing correctly
Waiting	SmartProvisioning is waiting for status from Security Management Server or Domain Management Server
Unknown	Status of gateway is unknown
Not installed	Security policy is not installed on this gateway
Not updated	Installed security policy has been changed; gateway should fetch new policy from Security Management Server or Domain Management Server
May be out of date	Security Policy was not retrieved within the fetch interval

Provisioning Profile Indicators

Indicator	Description
OK	SmartProvisioning Agent is installed and operating
Needs Attention	Device has an issue and needs to be examined
Agent is in local mode	Device is in maintenance mode
Uninitialized	Device has not yet received any provisioning configurations
Unknown	Status of provisioning is unknown

SmartProvisioning Menus and Toolbar

This section is a reference for the menus and toolbar buttons in SmartProvisioning. The menu commands that are available at any time depend on the list that is displayed in the work space.

To access menu options, click the Launch Menu button on the toolbar and then access the specified menu.

For example, the File > New command enables you to create new SmartLSM Security Gateways when the Devices work space is displayed. When the Profiles work space is displayed, File > New enables you to create a new Provisioning Profile.

The table below lists the menus and explains their commands. Some of the commands have toolbar buttons that you can use to access the same functionality.

Menu	Command	Description	For further information

File	New	Define new SmartLSM Security Gateway or Provisioning Profile	See Creating SmartLSM Security Profiles See Adding UTM-1 Edge SmartLSM Security Gateways See Creating Provisioning Profiles
	Export to file	Export objects list to file	See Export to File
	Exit	Close SmartProvisioning
Edit	Edit gateway	Edit selected gateway	See Overview of Managing Gateways
	Delete SmartLSM Gateway	Delete selected gateway; only for devices with SmartLSM Security Profiles	See Deleting Gateway Objects
	Profile Details	Edit selected Provisioning Profile	See Using Profiles to Provision Gateways
	Find	Find specific object in visible list	See Find
View	Toolbar	Show/Hide Toolbar
	Status bar	Show/Hide Status View pane	See Main Window Panes
	Status View	Show/Hide Status View pane	See Status View
	Menu Bar	Show/Hide Menu Bar above Toolbar
	Clear All Filters	Clears all the configured filters	See Filtering Columns
	Show/Hide columns	Open the Show/Hide Columns window and select the data to be displayed in the work space	See Show/Hide Columns
Manage	Open Selected Policy	Open SmartDashboard to edit Security Policy installed on selected SmartLSM Security Gateway	SmartLSM Security Policies
	Open Selected Policy (Read Only)	Open SmartDashboard to view Security Policy of selected SmartLSM Security Gateway	SmartLSM Security Policies
	Custom Commands	Add/Edit user-defined executables to run on remote gateways	See Executing Commands
	Select SSH Application	Provide pathname to SSH application for remote management of devices	See SSH Applications
Actions	Push Dynamic objects	Push values resolved in SmartProvisioning to SmartLSM Security Gateway	See Dynamic Objects
	Push Policy	Push values resolved in SmartProvisioning to SmartLSM Security Gateway	See Immediate Gateway Actions
	Maintenance > Stop Gateway	Stop Check Point services on selected gateway	See Remotely Controlling Gateways
	Maintenance > Start Gateway	Start Check Point services on selected gateway
	Maintenance > Restart Gateway	Restart Check Point services on selected gateway
	Maintenance > Reboot Gateway	Reboot the device
	Get Status Details	Open Gateway Status Details	See Viewing Status of Remote Gateways
	Get actual settings	Fetch configuration settings from device to management server
	Packages	Software management	See Actions > Packages
	Update Corporate office gateway	Update a CO Gateway to reflect changes in managed gateways	See Remotely Controlling Gateways
	Updated Selected Corporate Office Gateway	Update selected CO (available when CO gateway is selected)	See Remotely Controlling Gateways
	Advanced Permissions	Create a custom script	See Running Scripts
	Backup	Create a backup image	See Immediate Backup of Security Gateways
	Push Settings and Action	Immediate execute of Backup and fetch of profile settings	See Applying Changes
	Define UTM-1 Edge cluster	Configure two UTM-1 Edge SmartLSM Security Gateways for high availability	See UTM-1 Edge clusters
	Remove UTM-1 Edge clusters	Disassociate the two members of a UTM-1 Edge Cluster	See UTM-1 Edge clusters
	Run SmartProvisioning Wizard	Opens SmartProvisioning wizard from Overview page	See SmartProvisioning Wizard
Window	Access other SmartConsole clients
Help	View version information and open online help

Actions and Packages

The Actions menu also includes the Packages menu. Package commands enable you to manage software on Security Gateways and SmartLSM Security Gateways.

These commands are not relevant or available for UTM-1 Edge gateways. To manage the software of UTM-1 Edge devices, use the UTM-1 Edge portal (right-click > Launch UTM-1 Edge Portal).

The table below describes the commands of the Packages menu. See Managing Software to learn more about managing Check Point software packages with SmartProvisioning.

Packages Menu

Package command	Action	Reference
Upgrade all packages	Download Security Gateway software upgrade from Package Repository and install all contained packages on selected gateway	See Upgrading Packages with SmartProvisioning
Distribute package	Download Hotfix or HFA from Package Repository and install on selected gateway	See Distributing Packages with SmartProvisioning
Pre-install verifier	Verify that an installation is needed and possible	See Verifying Pre-Install
Get Gateway data	View installed Check Point packages on selected Security Gateway.	See Viewing Installed Software

Working with SmartProvisioning Menus and Options

This section describes SmartConsole customizations and general functions.

Find

You can search for strings in SmartProvisioning.

To open the Find window

Select Edit > Find.
In the Look in field, select a column header to search for the string in a specific data type:
- All Fields
- Name
- IP/ID: Format of IP address; tracking ID for logs
- Product: Check Point product, platform, or operating system
- Security Profile
- Provisioning Profile
- Policy Name
- Last Applied Settings
- Gateway Status: Use a valid status string
- Policy Status: Use a valid status string
- Provisioning Status: Use a valid status string
- Maintenance Mode: Yes or No

Show/Hide Columns

You can customize the information displayed in Device lists.

To customize Device list columns:

Select View > Show/Hide Columns.
In the Show/Hide Columns window, select the check boxes of the columns that you would like to be displayed.
Clear the check boxes of the columns that you would like to hide.
Click OK.
To hide a column, right-click the column header and select Hide Column.

Filter

You can filter a Devices workspace for more convenient displays.

To filter the list:

Select the Devices workspace.
In Look for, enter the filter text.
From the In drop-down list, select the filter category that you want. You can select one of these filter categories:
- All: The filter number or text is applied to all the filter categories. (Default)
- Name: name of the gateway and icon indicating its type (Security Management server, Domain Management Server, SmartLSM Security Gateway, UTM-1 Edge SmartLSM Security Gateway, Check Point host, Mobile Access).
- IP/ID: unique ID in the form of an IP address, used to track logs generated from a Gateway, even if it changed its external IP address.
- Product: Name of the Check Point platform used for the Security Gateway.
- Version: Check Point software version for the Security Gateway.
- Provisioning Profile: Name of the Provisioning Profile.
  This field is blank if the Security Gateway is not enabled for provisioning.
- Last Applied Settings: Date and time that the Security Gateway definition was last changed.
- Security Profile: Name of the last installed Security Profile.
- Gateway Status: Current status of the Security Gateway.
- Policy Status: Current status of the Security Policy.
- Provisioning Status: Current status of the provisioning settings.

Filtering Columns

You can filter columns in Devices and Devices Configuration displays according to the content of that column.

To filter a column:

In the tree, select Devices or the Device Configuration display.
Right-click the column heading and select Filter > Add/Edit Filter.
The Advanced Filter window opens.
Configure the filter settings for that column.
Click OK.
To clear the filter settings, right-click the column heading and select Filter > Clear Filter.

Export to File

If you prefer to track your managed devices in other programs, you can export the SmartProvisioning objects list.

To export SmartProvisioning data to a file:

Select File > Export to File.
Click Export To.
The Export to File window opens.
Provide a name for the file and select a type: MS Excel, Web, CSV, Text, or All (to create your own extension).
Click Save.
Select the file options that you want:
- Show Headers: Select to include the column headers.
- Use the following Delimiter: Select Tab as a delimiter between data, or select Other and specify the delimiter you want. (This is disabled for MS Excel and Web page file types.)
Click OK.
The file is created. A dialog box opens, with the message
File '<pathname>' created successfully.
Click Open File to view the exported file in a relevant application.

SSH Applications

SSH applications provide management features for remote devices. This feature is supported by SecurePlatform and Gaia.

Selecting a Default SSH Application

If you have not yet opened an SSH application, you can provide the path from within SmartProvisioning. The first time you select an SSH application, choose a default application from Manage > Select SSH Application. Each subsequent time that you want to open an SSH terminal, you can right-click on any object whose operating system is SecurePlatform and select Launch SSH Terminal.

To select an SSH application for the first time:

Select Manage > Select SSH Application.
Select Your SSH Client.
In the SSH Client Connection Attributes section, choose a predefined application template, such as Putty or SecureCRT, or create your own by selecting Custom. Verify that the Connection Attributes match the syntax required for your selected SSH terminal application, where <IP> refers to the device's IP address.
When the required syntax for the specific application appears in the Connection Attributes field. Click OK.

Launching an SSH Application from Network Objects

After you have selected a default SSH application for the first time, you can launch it from any object whose operating system is SecurePlatform.

To launch the default SSH application from a Network object:

Right-click on a Network object
Select Launch SSH Terminal.
The SSH terminal opens and automatically calls the object's IP address from its last known IP address.

Web Management

You can use the Web management portal to manage Security Gateways. This is especially useful with remote gateways that need individual changes, or system administration management.

To use the WebUI to manage a Security Gateway:

Right-click a Security Gateways and select Launch Device Management Portal.
A web browser opens to https://<IP_address>.
Log in with the administrator user name and password.
The features available from the WebUI enable you to manage networking, routing, servers, and many other local device configurations.

Top of Page

Download Complete PDF

Send Feedback