Threat Prevention CLI Commands

How to run commands from the CLI (Command Line Interface) to install Threat Prevention policy and for IPSClosed Check Point Software Blade on a Security Gateway that inspects and analyzes packets and data for numerous types of risks (Intrusion Prevention System). and advanced Threat EmulationClosed Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE. management.

In any case of conflict between the CLI commands and the SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. configuration, the CLI commands will be enforced.

mgmt_cli install-policy <options>

Description: Run this command on the Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. to install the Threat Prevention policy on the specified Security Gateways.

Syntax: mgmt_cli install-policy <options>

Note: For more information, see Check Point Management API Reference.

te_add_file

Description: Use this command to manually send files for threat emulation. The command has to be run from expert mode. For a complete explanation of all the available parameters, run te_add_file.

Syntax: te_add_file -f= <file path> -d= <directory path>

Parameter

Description

-f=

Specifies the path to the file. You must include the file name at the end of the path.

-d=

Specifies the path to a directory. The command takes all the files in the directory and sends them for emulation.

Comments: ted is the Threat Emulation daemon.

tecli

Managing IPS Security Gateways through CLI

See the R81.10 CLI Reference Guide > Chapter IPS Commands > Section ips.

How to use the Threat Prevention CLI commands to manage IPS on your Security Gateways.