Manually Updating the Gateway Topology
As the network changes, you must update the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. topology.
To update the Security Gateway topology
-
In SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., click Gateways & Servers.
-
Double-click the Security Gateway object.
The Security Gateway property window opens.
-
Click Network Management.
-
Click Get Interfaces and select the applicable option:
-
Get Interfaces With Topology
A warning window asks if you want to overwrite the existing Topology and Anti-Spoofing settings.
Click Yes.
Note - The physical interfaces that are part of a Bridge interface always appear with the topology "Undefined".
Workaround: Use the API command "get-interfaces".
-
Get Interfaces Without Topology
-
-
The Get Topology Results window opens.
-
Click Accept.
-
Configure the applicable Topology and Anti-Spoofing settings for the interfaces.
-
Click OK.
-
Install the Access Control Policy.
Get Interfaces API
You can use the Check Point API to execute the Get Interfaces command.
The Get Interfaces API:
-
Supports a larger number of interfaces compared with SmartConsole.
-
Supports these interfaces which are not supported by SmartConsole: Bridge and Bond interfaces without IP addresses.
-
Configures the default topology for internal networks for Security Gateway and ClusterXL R80.20 and higher to Network defined by routes, where applicable (the default in SmartConsole is This network (Internal)).
-
Does not get unnecessary Bridge and Bond satellite interfaces.
The Get Interfaces API command only supports Security Gateways and ClusterXL that run on Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. operating system.
For explanations on how to use the API Get Interfaces command, see the Check Point Management API Reference.