Print Download PDF Send Feedback

Previous

Next

SmartConsole Toolbars

Global Toolbar (top of SmartConsole)

 

Description

The main SmartConsole Menu. When SmartConsole is connected to a Security Management Server, this includes:

  • Manage policies and layers
  • Open Object Explorer
  • New object (opens menu to create a new object)
  • Publish session
  • Discard session
  • Session details
  • Install policy
  • Verify Access Control Policy
  • Install Database
  • Uninstall Threat Prevention policy
  • Management High Availability
  • Manage Licenses and Packages
  • Global Properties
  • View (opens menu to select a View to open)

Create new objects or open the Object Explorer

Install policy on managed gateways

Session Management Toolbar (top of SmartConsole)

 

Description

Discard changes made during the session

Enter session details and see the number of changes made in the session.

Publish changes, to make them visible to other administrators, and ready to install on gateways.

Note - When the policy is installed, published changes are installed on the gateways and enforced.

Navigation Toolbar (left side of SmartConsole)

 

Keyboard Shortcut

Description

Ctrl+1

Gateways & Servers configuration view:

  • Manage Security Gateways
  • Activate Software Blades
  • Add, edit, or delete gateways and clusters (including virtual clusters)
  • Run scripts
  • Backup and restore gateways
  • Open a command line interface on the gateway
  • View gateway status

Ctrl+2

Security Policies Access Control view:

  • Manage Access Control: Content Awareness, VPN, Application & URL Filtering, and Mobile Access
  • Edit multiple policies at the same time
  • Add, edit, or delete NAT rules
  • Use the Access Tools

Security Policies Threat Prevention view:

  • Manage Threat Prevention: IPS, Anti-Bot, Anti-Virus, Threat Emulation
  • Edit the unified threat Rule Base
  • Configure threat profiles
  • Add, edit, or delete exceptions and exception groups
  • Use the Threat Tools

Shared Policies Views:

  • Manage Mobile Access, DLP, Geo Policy and inspection Settings

Ctrl+3

Logs & Monitor view:

  • See high level graphs and plots
  • Search through logs
  • Schedule customized reports
  • Monitor gateways
  • See compliance information

Ctrl+4

Manage & Settings view - review and configure the Security Management Server settings:

  • Administrators
  • Permissions profiles
  • Trusted clients
  • Administrator sessions, and session settings
  • Blades
  • Revisions
  • Preferences
  • Sync with User Center

Command Line Interface Button (left bottom corner of SmartConsole)

 

Keyboard Shortcut

Description

F9

Open a command line interface for management scripting and API

Objects Bar (right side of SmartConsole)

 

Description

Objects

Manage security and network objects

Validations Pane (right side of SmartConsole)

 

Description

Validations

See validation errors

System Information Area (bottom of SmartConsole)

 

Description

Task List

See management tasks in progress and expand to see recent tasks

Server Details

See the IP address of the server to which SmartConsole is connected. If Management High Availability is configured, click to see the details.

Session Status

See the number of changes made in the session and the session status.

Connected administrators

See connected administrators: Yourself and others.

Search Engine

In each view you can search the Security Management Server database for information relevant to the view. For example:

IP Search

You can run an advanced search for an IP address, network, or port. It returns direct and indirect matches for your search criteria.

These are the different IP search modes:

General IP Search

This is the default search mode. Use it to search in Rule Bases and in objects. If you enter a string that is not a valid IP or network, the search engine treats it as text.

When you enter a valid IP address or network, an advanced search is done and on these objects and rules:

Packet Search

A Packet Search matches rules as if a packet with your IP address arrives at the gateway. It matches rules that have:

To run a Packet Search:

  1. Click the search box.

    The search window opens.

  2. Click Packet or enter: "mode:Packet"
  3. To search a specific rule column, enter: ColumnName:Criteria

Rule Base Results

When you enter search criteria and view the matched results, the value that matched the criteria in a rule is highlighted.

If there is...

This is highlighted

A direct match on an object name or on textual columns

Only the specific matched characters

A direct match on object properties

The entire object name

A negated column

The negated label

A match on "Any"

"Any"

Known Limitation:

Access and Threat Tools

The Access Tools section in the Security Policies Access Control view and the Threat Tools section in the Security Policies Threat Prevention view give you more management and data collection tools.

Access Tools in the Security Policies Access Control view:

Tool

Description

VPN Communities

Create, edit, or delete VPN Communities.

Updates

Update the Application & URL Filtering database, schedule updates, and configure updates.

UserCheck

Configure UserCheck interaction objects for Access Control policy actions.

Client Certificates

Create and distribute client certificates that allow users to authenticate to the Gateway from handheld devices.

Application Wiki

Browse to the Check Point AppWiki. Search and filter the Web 2.0 Applications Database, to use Check Point security research in your policy rules for actions on applications, apps, and widgets.

Installation History

See the Policy installation history for each Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy.

Threat Tools in the Security Policies Threat Prevention view:

Tool

Description

Profiles

Create, edit, or delete profiles.

IPS Protections

Edit IPS protections per profile.

Protections

See statistics on different protections

Whitelist Files

Configure Whitelist Files list

Indicators

Configure indicators of malicious activity and how to handle it

Updates

Configure updates to the Malware database, Threat Emulation engine and images, and the IPS database.

UserCheck

Configure UserCheck interaction objects for Threat Prevention policy actions.

Threat Wiki

Browse to the Check Point ThreatWiki. Search and filter Check Point's Malware Database, to use Check Point security research to block malware before it enters your environment, and to best respond if it does get in.

Installation History

See the Policy installation history for each Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy.

Shared Policies

The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. They are shared between all Policy packages.

Shared policies are installed with the Access Control Policy.

Software Blade

Description

Mobile Access

Launch Mobile Access policy in a SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile.

DLP

Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users.

Geo Policy

Create a policy for traffic to or from specific geographical or political locations.

HTTPS Inspection

The HTTPS Policy allows the Security Gateway to inspect HTTPS traffic to prevent security risks related to the SSL protocol. The HTTPS Policy shows if HTTPS inspection is enabled on one or more Gateways.

To learn more about HTTPS Inspection, see the R80.10 Next Generation Security Gateway Guide.

Inspection Settings

You can configure Inspection Settings for the Firewall:

  • Deep packet inspection settings
  • Protocol parsing inspection settings
  • VoIP packet inspection settings

API Command Line Interface

You can also configure objects and rules through the API command line interface, which you can access from SmartConsole.

Click to open the command line interface.

Click to open the API reference (in the command line interface).

Use the Command Line Reference to learn about Session management commands, Host commands, Network commands, and Rule commands.

In addition to the command line interface, you can create and run API scripts to manage configuration and operations on the Security Management Server.

Connecting to the Security Management Server through SmartConsole

To log in to a Security Management Server through Check Point SmartConsole, you must have an administrator account configured on the Security Management Server. When installing the Security Management Server, you create one administrator in the First Time Configuration Wizard. After that, you can create additional administrators accounts with SmartConsole, or using the Gaia Portal.

To log in to the Security Management Server through SmartConsole:

  1. Launch the SmartConsole application.
  2. Enter your administrator authentication credentials. These can be a username, or a certificate file, or a CAPI certificate.

    Logging in with a username:

    • Enter the Username and Password.

    Logging in with a certificate file:

    • From the drop-down list, select Certificate File.
    • Browse to the file.
    • Enter the password of the certificate file.

    Logging in with a certificate in the CAPI repository:

    • From the drop-down list, select CAPI Certificate.
    • Select the certificate from drop-down list.
  3. Enter the name or the IP address of the Security Management Server.
  4. Click Login.

    The SmartConsole authenticates the Security Management Server. The first time you connect, SmartConsole shows the fingerprint.

  5. Confirm the fingerprint.

The fingerprint and the IP address of the Security Management Server are saved to the user settings in Windows.

Setting Up for Security Management

To start setting up your security environment, configure the Security Management Server and the Security Gateways. The Security Gateways enforce the security policy that you define on the Security Management Server.

To configure the Security Management Server in SmartConsole:

  1. In the Gateways & Servers view, find the Security Management Server object.

    You can search for it by name or IP address in the Search box at the top of the view.

    When you select the Security Management Server object, the Summary tab at the bottom of the pane shows the Software Blades that are enabled on it.

  2. Open the object properties window, and enable the Management Software Blades, as necessary:
    • Network Policy Management - Manage a comprehensive security policy, unified for all security functionalities. This is automatically enabled.
    • Endpoint Policy Management - Manage security and data on end-user computers and hand-held devices. Enable this Software Blade if you have or will install an Endpoint Security Management Server.
    • Logging & Status - Monitor security events and status of gateways, VPNs, users, and more, with advanced visuals and data management features.
    • Identity Logging - Add user identities, and data of their computers and devices, from Active Directory domains, to log entries.
    • User Directory - Populate your security scope with user accounts from the LDAP servers in your environment.
    • Compliance - Optimize your security settings and comply with regulatory requirements
    • SmartEvent - Manage and correlate security events in real-time.

To configure the Security Gateways in SmartConsole:

  1. From the navigation toolbar, select Gateways & Servers.
  2. Click New, and select Gateway.
  3. In the Check Point Security Gateway Creation window that opens, select a configuration mode:

Setting up for Team Work

As an administrator, you can delegate tasks, such as defining objects and users, to other administrators. Make sure to create administrator accounts with the privileges that are required to accomplish those tasks.

If you are the only administrator, we recommend that you create a second administrator account with Read Only permissions, which is useful for troubleshooting, consultation, or auditing.

Managing Security through API and CLI

You can configure and control the Management Server with the new command line tools and through web services. You must first configure the API server.

The API server runs scripts that automate daily tasks and integrate the Check Point solutions with third party systems such as virtualization servers, ticketing systems, and change management systems.

You can use these tools to run API scripts on the Management Server:

All API clients use the same port as the Gaia Portal.

To learn more about the management APIs, to see code samples, and to take advantage of user forums, see:

Configuring the API Server

To configure the API Server:

  1. In SmartConsole, go to Manage & Settings > Blades.
  2. In the Management API section, click Advanced Settings.

    The Management API Settings window opens.

  3. Configure the Startup Settings and the Access Settings.

Management API Settings

To apply changes, you must publish the session, and run the api restart command on the Security Management Server.