Global Toolbar (top of SmartConsole)
|
Description |
---|---|
The main SmartConsole Menu. When SmartConsole is connected to a Security Management Server, this includes:
|
|
Create new objects or open the Object Explorer |
|
Install policy on managed gateways |
Session Management Toolbar (top of SmartConsole)
|
Description |
---|---|
Discard changes made during the session |
|
Enter session details and see the number of changes made in the session. |
|
Publish changes, to make them visible to other administrators, and ready to install on gateways. Note - When the policy is installed, published changes are installed on the gateways and enforced. |
Navigation Toolbar (left side of SmartConsole)
|
Keyboard Shortcut |
Description |
---|---|---|
Ctrl+1 |
Gateways & Servers configuration view:
|
|
Ctrl+2 |
Security Policies Access Control view:
Security Policies Threat Prevention view:
Shared Policies Views:
|
|
Ctrl+3 |
Logs & Monitor view:
|
|
Ctrl+4 |
Manage & Settings view - review and configure the Security Management Server settings:
|
Command Line Interface Button (left bottom corner of SmartConsole)
|
Keyboard Shortcut |
Description |
---|---|---|
F9 |
Open a command line interface for management scripting and API |
For more SmartConsole shortcuts, see Keyboard Shortcuts for SmartConsole.
Objects Bar (right side of SmartConsole)
|
Description |
---|---|
Objects |
Manage security and network objects |
Validations Pane (right side of SmartConsole)
|
Description |
---|---|
Validations |
See validation errors |
System Information Area (bottom of SmartConsole)
|
Description |
---|---|
Task List |
See management tasks in progress and expand to see recent tasks |
Server Details |
See the IP address of the server to which SmartConsole is connected. If Management High Availability is configured, click to see the details. |
Session Status |
See the number of changes made in the session and the session status. |
Connected administrators |
See connected administrators: Yourself and others. |
In each view you can search the Security Management Server database for information relevant to the view. For example:
You can run an advanced search for an IP address, network, or port. It returns direct and indirect matches for your search criteria.
These are the different IP search modes:
General IP Search
This is the default search mode. Use it to search in Rule Bases and in objects. If you enter a string that is not a valid IP or network, the search engine treats it as text.
When you enter a valid IP address or network, an advanced search is done and on these objects and rules:
Packet Search
A Packet Search matches rules as if a packet with your IP address arrives at the gateway. It matches rules that have:
To run a Packet Search:
The search window opens.
Rule Base Results
When you enter search criteria and view the matched results, the value that matched the criteria in a rule is highlighted.
If there is... |
This is highlighted |
---|---|
A direct match on an object name or on textual columns |
Only the specific matched characters |
A direct match on object properties |
The entire object name |
A negated column |
The negated label |
A match on "Any" |
"Any" |
Known Limitation:
The Access Tools section in the Security Policies Access Control view and the Threat Tools section in the Security Policies Threat Prevention view give you more management and data collection tools.
Access Tools in the Security Policies Access Control view:
Tool |
Description |
---|---|
VPN Communities |
Create, edit, or delete VPN Communities. |
Updates |
Update the Application & URL Filtering database, schedule updates, and configure updates. |
UserCheck |
Configure UserCheck interaction objects for Access Control policy actions. |
Client Certificates |
Create and distribute client certificates that allow users to authenticate to the Gateway from handheld devices. |
Application Wiki |
Browse to the Check Point AppWiki. Search and filter the Web 2.0 Applications Database, to use Check Point security research in your policy rules for actions on applications, apps, and widgets. |
Installation History |
See the Policy installation history for each Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy. |
Threat Tools in the Security Policies Threat Prevention view:
Tool |
Description |
---|---|
Profiles |
Create, edit, or delete profiles. |
IPS Protections |
Edit IPS protections per profile. |
Protections |
See statistics on different protections |
Whitelist Files |
Configure Whitelist Files list |
Indicators |
Configure indicators of malicious activity and how to handle it |
Updates |
Configure updates to the Malware database, Threat Emulation engine and images, and the IPS database. |
UserCheck |
Configure UserCheck interaction objects for Threat Prevention policy actions. |
Threat Wiki |
Browse to the Check Point ThreatWiki. Search and filter Check Point's Malware Database, to use Check Point security research to block malware before it enters your environment, and to best respond if it does get in. |
Installation History |
See the Policy installation history for each Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy. |
The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. They are shared between all Policy packages.
Shared policies are installed with the Access Control Policy.
Software Blade |
Description |
---|---|
Mobile Access |
Launch Mobile Access policy in a SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile. |
DLP |
Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users. |
Geo Policy |
Create a policy for traffic to or from specific geographical or political locations. |
HTTPS Inspection |
The HTTPS Policy allows the Security Gateway to inspect HTTPS traffic to prevent security risks related to the SSL protocol. The HTTPS Policy shows if HTTPS Inspection is enabled on one or more Gateways. |
Inspection Settings |
You can configure Inspection Settings for the Firewall:
|
You can also configure objects and rules through the API command line interface, which you can access from SmartConsole.
Click to open the command line interface. |
|
Click to open the API reference (in the command line interface). Use the Command Line Reference to learn about Session management commands, Host commands, Network commands, and Rule commands. |
In addition to the command line interface, you can create and run API scripts to manage configuration and operations on the Security Management Server.
From R80.20, there are additional keyboard shortcuts that you can use to navigate between the different SmartConsole fields:
Keyboard shortcut |
Description |
---|---|
Ctrl+S |
Publish session |
Ctrl+Alt+S |
Discard session |
Shift+Alt+Enter |
Install policy |
F10 |
Show/hide task details |
F11 |
Show/hide Object Explorer |
Ctrl+O |
Manage policies and layers |
Ctrl+E |
Open Object Explorer |
Ctrl+F3 |
Switch to high-contrast theme |
Alt+Space |
System menu |
F1 |
Open the relevant online help |
Alt+F4 |
Close SmartConsole |
Shortcuts for the specific views that support them:
Keyboard shortcut |
Description |
---|---|
Ctrl+T |
Open new tab |
Ctrl+W or Ctrl+F4 |
Close current tab |
Ctrl+Tab |
Move to the next tab |
Ctrl+Shift+Tab |
Move to the previous tab |
Delete |
Delete the currently selected item |
Ctrl+A |
Select all elements |
Esc |
Cancel operation to close window |
Enter or mouse double-click |
Edit item |
Shortcuts for views that contain a Rule Base:
Keyboard shortcut |
Description |
---|---|
Ctrl+G |
Go to rule (in the Access Control Rule Base) |
Ctrl+X |
Cut rule |
Ctrl+C |
Copy rule |
Ctrl+V |
Paste rule below the selected rule |
Delete |
Remove a used item from a rule cell |
Ctrl+F |
Open Rule Base search |
F3 |
Navigate to the next Rule Base search result |
Ctrl+arrow up |
Go to the first rule in the Rule Base |
Ctrl+arrow down |
Go to the last rule in the Rule Base |
Space or + |
Open drop-down menu for the current cell in the Rule Base |
Shift+arrow up/down |
Move between objects in the Rule Base |
Shortcuts for the Logs & Monitor view:
Keyboard shortcut |
Description |
---|---|
Ctrl+G |
Switch to grid view (in the Logs and Audit Logs views) |
Ctrl+L |
Switch to table view (in the Logs and Audit Logs views) |
Ctrl+R |
Resolve objects |
F5 |
Refresh query |
F6 |
Enable auto-refresh |
Ctrl+D |
Add to favorites |
Ctrl+S |
Organize favorites |
To log in to a Security Management Server through Check Point SmartConsole, you must have an administrator account configured on the Security Management Server. When installing the Security Management Server, you create one administrator in the First Time Configuration Wizard. After that, you can create additional administrators accounts with SmartConsole, or using the Gaia Portal.
To log in to the Security Management Server through SmartConsole:
Logging in with a username:
Logging in with a certificate file:
Logging in with a certificate in the CAPI repository:
The SmartConsole authenticates the Security Management Server. The first time you connect, SmartConsole shows the fingerprint.
The fingerprint and the IP address of the Security Management Server are saved to the user settings in Windows.
To start setting up your security environment, configure the Security Management Server and the Security Gateways. The Security Gateways enforce the security policy that you define on the Security Management Server.
To configure the Security Management Server in SmartConsole:
You can search for it by name or IP address in the Search box at the top of the view.
When you select the Security Management Server object, the Summary tab at the bottom of the pane shows the Software Blades that are enabled on it.
To configure the Security Gateways in SmartConsole:
As an administrator, you can delegate tasks, such as defining objects and users, to other administrators. Make sure to create administrator accounts with the privileges that are required to accomplish those tasks.
If you are the only administrator, we recommend that you create a second administrator account with Read Only permissions, which is useful for troubleshooting, consultation, or auditing.
You can configure and control the Management Server with the new command line tools and through web services. You must first configure the API server.
The API server runs scripts that automate daily tasks and integrate the Check Point solutions with third party systems such as virtualization servers, ticketing systems, and change management systems.
You can use these tools to run API scripts on the Management Server:
mgmt_cli.exe
(for Windows operating system)mgmt_cli
(for Gaia operating system)All API clients use the same port as the Gaia Portal.
To learn more about the management APIs, to see code samples, and to take advantage of user forums, see:
To configure the API Server:
The Management API Settings window opens.
In these environments, Automatic start is selected by default:
In other environments, to reduce the memory consumption on the management server, Automatic start is not selected by default.
Configure IP addresses from which the API server accepts requests:
mgmt_cli
utility to send API requests.To apply changes, you must publish the session, and run the api restart
command on the Security Management Server.