Welcome to SmartConsole

Use the What's New window for a quick tour of SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. and its major features.

Understanding SmartConsole

Check Point SmartConsole makes it easy to manage security for complex networks. Before you configure your cyber security environment and policies, become familiar with Check Point's SmartConsole.

You can get the SmartConsole package in the Home Page SK article - sk173903.

You must install the SmartConsole package in a folder, whose full path includes only English characters.

SmartConsole Window

Item	Description	Item	Description
1	Global Toolbar	5	Validations pane
2	Session Management Toolbar	6	AI Copilot. For complete description and minimum requirements, see sk182844.
3	Navigation Toolbar	7	Command line interface button
4	Objects Bar (F11)

SmartConsole Toolbars

Global Toolbar (top of SmartConsole)

Icon	Description
	The main SmartConsole Menu. When SmartConsole is connected to a Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server., this includes: Manage policies and layers Open Object Explorer New object (opens a menu to create a new object) Publish session Discard session Session details Install policy Verify Access Control Policy Install Database Uninstall Threat Prevention policy Management High Availability Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA. Manage Licenses and Packages Endpoint (opens a menu to SmartEndpoint and Harmony Endpoint Web UI) Global Properties View (opens a menu to select a View to open)
	Create new objects or open the Object Explorer
	Install policy on managed Security Gateways

Icon

Description

The main SmartConsole Menu. When SmartConsole is connected to a Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server., this includes:

Manage policies and layers
Open Object Explorer
New object (opens a menu to create a new object)
Publish session
Discard session
Session details
Install policy
Verify Access Control Policy
Install Database
Uninstall Threat Prevention policy
Management High Availability Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA.
Manage Licenses and Packages
Endpoint (opens a menu to SmartEndpoint and Harmony Endpoint Web UI)
Global Properties
View (opens a menu to select a View to open)

Create new objects or open the Object Explorer

Install policy on managed Security Gateways

Search Engine

In each view you can search the Security Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. database for information relevant to the view. For example:

Gateway, by name or IP address
Access Control rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session.
NAT rule
Threat Prevention profile
Specific threat or a threat category
Object tags

You can search for an object in the Security Management Server database in two ways:

Enter the prefix of the object's name. For example, to find USGlobalHost, you can enter USG in the search box.
Enter any sequence of characters in the object's name and add an asterisk (*) before such sequence.

For example, to find USGlobalHost, you can enter *oba, *host, *SG and so on in the search box.

IP Search

You can run an advanced search for an IP address, network, or port. It returns direct and indirect matches for your search criteria.

IP address: xxx.xxx.xxx.xxx
Network: xxx.xxx.0.0/16 or xxx.xxx
Port: svc:<xxx>

These are the different IP search modes:

General - (Default). Returns direct matched results and indirect results in IP ranges, networks, groups, groups with exclusion, and rules that contain these objects.
Packet - Matches rules as if a packet with your IP address arrives at the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources..

General IP Search

This is the default search mode. Use it to search in Rule Bases and in objects. If you enter a string that is not a valid IP or network, the search engine treats it as text.

When you enter a valid IP address or network, an advanced search is done and on these objects and rules:

Objects that have the IP address as a text value for example, in a comment
Objects that have an IP address property (direct results)
Groups, networks, and address ranges that contain objects with the text value or address value
Rules that contain those objects

Packet Search

A Packet Search matches rules as if a packet with your IP address arrives at the Security Gateway.

It matches rules that have:

The IP address in a column of the rule
"Any"
A Group-with-exclusion or negated field with the IP address in its declaration

To run a Packet Search:

Click the search box.

The search window opens.
Click Packet or enter: "mode:Packet"
To search a specific rule column, enter: ColumnName:Criteria

Rule Base Results

When you enter search criteria and view the matched results, the value that matched the criteria in a rule is highlighted.

If there is...	This is highlighted
A direct match on an object name or on textual columns	Only the specific matched characters
A direct match on object properties	The entire object name
A negated column	The negated label
A match on "Any"	"Any"

Known Limitation:

Packet search does not support IPv6.

Access and Custom Policy Tools

The Access Tools section in the Security Policies Access Control view and the Custom Policy Tools section in the Security Policies Threat Prevention view give you more management and data collection tools.

"Access Tools" in the Security Policies "Access Control" view

Tool	Description
VPN Communities	Create, edit, or delete VPN Communities.
Updates	Update the Application & URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF. database, schedule updates, and configure updates.
UserCheck	Configure UserCheck Functionality in your Security Gateway or Cluster and endpoint clients that gives users a warning when there is a potential risk of data loss or security violation. This helps users to prevent security incidents and to learn about the organizational security policy. Interaction objects for Access Control policy actions.
Client Certificates	Create and distribute client certificates that allow users to authenticate to the Security Gateway from handheld devices.
Application Wiki	Browse to the Check Point AppWiki. Search and filter the Web 2.0 Applications Database, to use Check Point security research in your policy rules for actions on applications, apps, and widgets.
Installation History	See the Policy installation history for each Security Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy.

"Custom Policy Tools" in the Security Policies "Threat Prevention" view

Tool	Description
Profiles	Create, edit, or delete profiles.
IPS Protections	Edit IPS Check Point Software Blade on a Security Gateway that inspects and analyzes packets and data for numerous types of risks (Intrusion Prevention System). protections per profile.
Protections	See statistics on different protections.
Allow List Files	Configure Whitelist Files list.
Indicators	Configure indicators of malicious activity and how to handle it.
Updates	Configure updates to the Malware database, Threat Emulation Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE. engine and images, and the IPS database.
UserCheck	Configure UserCheck Interaction objects for Threat Prevention policy actions.
Threat Wiki	Browse to the Check Point ThreatWiki. Search and filter Check Point's Malware Database The Check Point database of commonly used signatures, URLs, and their related reputations, installed on a Security Gateway and used by the ThreatSpect engine., to use Check Point security research to block malware before it enters your environment, and to best respond if it does get in.
Installation History	See the Policy installation history for each Security Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy.

Access and Custom Policy Tools

"Access Tools" in the Security Policies "Access Control" view

Tool	Description
VPN Communities	Create, edit, or delete VPN Communities.
Updates	Update the Application & URL Filtering database, schedule updates, and configure updates.
UserCheck	Configure UserCheck Interaction objects for Access Control policy actions.
Client Certificates	Create and distribute client certificates that allow users to authenticate to the Security Gateway from handheld devices.
Application Wiki	Browse to the Check Point AppWiki. Search and filter the Web 2.0 Applications Database, to use Check Point security research in your policy rules for actions on applications, apps, and widgets.
Installation History	See the Policy installation history for each Security Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy.

"Custom Policy Tools" in the Security Policies "Threat Prevention" view

Tool	Description
Profiles	Create, edit, or delete profiles.
IPS Protections	Edit IPS protections per profile.
Protections	See statistics on different protections.
Allow List Files	Configure Whitelist Files list.
Indicators	Configure indicators of malicious activity and how to handle it.
Updates	Configure updates to the Malware database, Threat Emulation engine and images, and the IPS database.
UserCheck	Configure UserCheck Interaction objects for Threat Prevention policy actions.
Threat Wiki	Browse to the Check Point ThreatWiki. Search and filter Check Point's Malware Database, to use Check Point security research to block malware before it enters your environment, and to best respond if it does get in.
Installation History	See the Policy installation history for each Security Gateway, and who made the changes. See the revisions that were made during each installation, and who made them. Install a specific version of the Policy.

Shared Policies

The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. They are shared between all Policy packages.

Shared policies are installed with the Access Control Policy.

Software Blade	Description
Mobile Access	Launch Mobile Access Check Point Software Blade on a Security Gateway that provides a Remote Access VPN access for managed and unmanaged clients. Acronym: MAB. policy in SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile.
DLP	Launch Data Loss Prevention Check Point Software Blade on a Security Gateway that detects and prevents the unauthorized transmission of confidential information outside the organization. Acronym: DLP. policy in SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users.
HTTPS Inspection	The HTTPS Inspection Feature on a Security Gateway that inspects traffic encrypted by the Secure Sockets Layer (SSL) protocol for malware or suspicious patterns. Synonym: SSL Inspection. Acronyms: HTTPSI, HTTPSi. Policy allows the Security Gateway to inspect HTTPS traffic to prevent security risks related to the SSL protocol. The HTTPS Inspection Policy appears if HTTPS Inspection is enabled in one or more Security Gateways.
Inspection Settings	You can configure Inspection Settings for the Security Gateway (see Preferences and Management Settings): Deep packet inspection settings. Protocol parsing inspection settings. VoIP packet inspection settings.

API Command Line Interface

You can also configure objects and rules through the API command line interface, which you can access from SmartConsole.

Click to open the command line interface.

In the command line interface, this button opens the Check Point Management API Reference.

The Check Point Management API Reference is a comprehensive guide that provides detailed information on how to use the Check Point Management APIs.

SmartConsole Keyboard Shortcuts

These are additional keyboard shortcuts that you can use to navigate between the different SmartConsole fields:

Keyboard shortcut	Description
Ctrl+S	Publish the SmartConsole session.
Ctrl+Alt+S	Discard the SmartConsole session.
Shift+Alt+Enter	Install policy.
F10	Show/hide task details.
F11	Show/hide Object Explorer.
Ctrl+O	Manage policies and layers
Ctrl+E	Open Object Explorer
Ctrl+F3	Switch to high-contrast theme
Alt+Space	System menu
F1	Open the relevant online help
Alt+F4	Close SmartConsole

Shortcuts for the specific views that support them:

Keyboard shortcut	Description
Ctrl+T	Open new tab
Ctrl+W or Ctrl+F4	Close current tab
Ctrl+Tab	Move to the next tab
Ctrl+Shift+Tab	Move to the previous tab
Delete	Delete the currently selected item
Ctrl+A	Select all elements
Esc	Cancel operation to close window
Enter or mouse double-click	Edit item

In the Security Policies view, these are the shortcuts for views that contain a Rule Base All rules configured in a given Security Policy. Synonym: Rulebase.:

Keyboard shortcut	Description
Ctrl+G	Go to rule (in the Access Control Rule Base)
Ctrl+X	Cut rule
Ctrl+C	Copy rule
Ctrl+V	Paste rule below the selected rule
Delete	Remove a used item from a rule cell
Ctrl+F	Open Rule Base search
F3	Navigate to the next Rule Base search result
Ctrl+arrow up	Go to the first rule in the Rule Base
Ctrl+arrow down	Go to the last rule in the Rule Base
Space or +	Open drop-down menu for the current cell in the Rule Base
Shift+arrow up/down	Move between objects in the Rule Base

Shortcuts for the Logs & Monitor view:

Keyboard shortcut	Description
Ctrl+G	Switch to grid view (in the Logs and Audit Logs views)
Ctrl+L	Switch to table view (in the Logs and Audit Logs views)
Ctrl+R	Resolve objects
F5	Refresh query
F6	Enable auto-refresh
Ctrl+D	Add to favorites
Ctrl+S	Organize favorites