Centrally Managing Gaia Device Settings
|
Important - Scalable Platform Security Groups do not support Central Management of Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. Device Settings (Known Limitation MBS-4754):
|
Introduction of Gaia Central Management
SmartConsole lets you:
-
Centrally configure network topology:
-
IPv4 and IPv6 addresses
-
IPv4 and IPv6 static routes
-
-
Centrally configure device settings for these network services:
-
DNS
-
NTP
-
Proxy server
-
-
Do Backup and Restore operation
A compressed
.tgz
backup file captures the Gaia OS configuration and the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. database. -
Do maintenance operations:
-
By opening the Gaia Portal Web interface for the Check Point Gaia operating system. or command shell from SmartConsole
-
By fetching settings from the device, or by pushing settings to the device
-
-
Examine recent tasks:
The Recent Tasks tab, located in the bottom section of SmartConsole, shows recent Gaia Security Gateway management tasks done using SmartConsole.
-
Run command line scripts on the Security Gateway.
Output from the commands shows in the Recent Tasks window.
Double-click the task to see the complete output.
-
Receive notification on local device configuration change
The Status column in the Gateways view indicates changes in the device configuration
-
Implement configuration changes without a full policy install (Push Settings to Device action)
-
Automate the configuration of Cloning Groups and synchronization between the members
Managing Gaia in SmartConsole
After enabling Central management, Gaia Security Gateways can be more effectively managed through SmartConsole.
Running Command Scripts
One Time scripts
You can manually enter and run a command line script on the selected Gaia Security Gateways.
This feature is useful for scripts that you do not have to run on a regular basis.
Step |
Instructions |
||
---|---|---|---|
1 |
Right-click the Security Gateway. |
||
2 |
Select Scripts > Run One Time Script. |
||
3 |
The Run One Time Script window opens You can:
|
||
4 |
Click Run. The output from the script shows in the Tasks tab > Results column.
|
Step |
Instructions |
||
---|---|---|---|
1 |
Right-click the Security Gateway. |
||
2 |
Select Scripts > Run Repository Script. |
||
3 |
The Select Script window opens. You can:
|
||
4 |
Click Run. The output from the script shows in the Tasks tab > Results column.
|
Manage repository scripts
You can create new scripts, edit or delete scripts from the script repository.
Step |
Instructions |
---|---|
1 |
Right-click the Security Gateway. |
2 |
Select Scripts > Manage Script Repository. |
3 |
The Manage Scripts window opens. |
|
Note - You can also run and manage scripts if you click Scripts in the Gateways view. |
Understanding One-Time Scripts
If you specify a script:
-
By default, the maximum size of a script is: 8 kB.
-
The output from the script shows in the Tasks tab at the bottom of the Gateways & Servers view.
-
The Run One Time Script window does not support interactive or continuous scripts. To run interactive or continuous scripts, open a command shell.
Running Repository Scripts
You can run a predefined script from the script repository.
Step |
Instructions |
---|---|
1 |
In the Gateways & Servers view, right-click the Security Gateways or Security Management Servers, on which you want to run scripts. |
2 |
Select Scripts > Scripts Repository. The Scripts Repository window opens. |
3 |
Do one of these steps:
|
The output from the script shows in the Tasks tab at the bottom of the Gateways & Servers view.
|
Notes:
|
Backup and Restore
These options let you:
-
Back up the Gaia OS configuration and the Firewall database to a compressed file
-
Restore the Gaia OS configuration and the Firewall database from a compressed file
|
Best Practice - We recommended using System Backup to back up your system regularly. Schedule system backups on a regular basis, daily or weekly, to preserve the Gaia OS configuration and Firewall database. |
Backing up the System
|
Note - After you install the Security Gateway for the first time, you must publish the SmartConsole session before you perform a system backup operation. |
Step |
Instructions |
|||
---|---|---|---|---|
1 |
In the Gateways & Servers view, right-click the Security Gateway object you want to back up. |
|||
2 |
Select Actions > System Backup. The System Backup window opens. |
|||
3 |
Select the backup location. Use one of these options:
The file name must be according to this convention:
|
|||
4 |
Click OK. The status of the backup operation shows in Tasks. |
|||
5 |
When the task is complete, double-click the entry to see the file path and name of the backup file.
|
Restoring the System
Step |
Instructions |
||||
---|---|---|---|---|---|
1 |
In the Gateways & Servers view, right-click the Security Gateway object you want to restore. |
||||
2 |
Select Actions > System Restore. The System Restore window opens. |
||||
3 |
Enter the required information.
|
||||
4 |
Click OK.
|
||||
5 |
Install the policy on the Security Gateway object. The status of the restore operation shows in Tasks tab. |
Opening Gaia Portal and Gaia Clish
In SmartConsole, you can open a Security Gateway's the command line window, or the Gaia Portal. You can select the command line or the Gaia Portal from the right-click menu of a Security Gateway object, or from the top toolbar > Actions button.
Step |
Instructions |
---|---|
1 |
In SmartConsole, right-click the Security Gateway object. |
2 |
Select Actions > Open Shell.
A command line window opens with default shell that was configured for the specified user. |
Step |
Instructions |
||
---|---|---|---|
1 |
In SmartConsole, right-click the Security Gateway object. |
||
2 |
Select Actions > Gaia Portal.
The Gaia Portal opens in the default web browser. The URL is taken from the Platform Portal page of the Security Gateway object. |