Administrator Permission Profiles
You can give an administrator permissions for:
- Monitoring and Logging
- Events and Reports
To define an administrator with these permissions:
- Define an administrator or an administrator group.
- Define a Permission Profile with the required permissions in SmartConsole (Manage & Settings > Permission Profiles).
- Assign that profile to the administrator or to the administrator group.
Configuring Permissions for Monitoring, Logging, Events, and Reports
In the Profile object, select the features and the Read or Write administrator permissions for them.
Monitoring and Logging Features
These are some of the available features:
- Monitoring
- Management Logs
- Track Logs
- Application and URL Filtering Logs
Events and Reports Features
These are the permissions for SmartEvent:
- SmartEvent
- Events - views in SmartConsole > Logs & Monitor
- Policy - SmartEvent Policy and Settings on SmartEvent GUI.
- Reports - in SmartConsole > Logs & Monitor
- SmartEvent Application & URL Filtering reports only
Multi-Domain Security Management
In a Multi-Domain Security Management environment, each Event and Report is related to a Domain. Administrators can see events for Domains according to their permissions.
A Multi-Domain Security Management Policy administrator can be:
- Locally defined administrator on the SmartEvent Server.
- Multi-Domain Server Super User defined on the Multi-Domain Server.
- An administrator with permissions on all Domains. Select the Domains in SmartEvent, in Policy > General Settings > Objects > Domains. This type of administrator can install a Policy, and can see events from multiple Domains.
SmartEvent Reports-Only Permission Profile
You can define a special permission profile for administrators that only see and generate SmartEvent reports. With this permission profile, administrators can open SmartConsole, but in the Logs & Monitor view can see only Reports. They cannot access other security information in SmartEvent. You can configure this permission profile to apply to the Application & URL Filtering blade only, or to apply to all blades.
To create a SmartEvent report-only permissions profile:
- In SmartConsole, click Manage & Settings > Permission Profiles.
- In the Permission Profiles page, select a permission profile, or click the New button and create a permission profile.
- Select Customized.
- On the Events and Reports page, select SmartEvent Reports.
- Clear all other options.
- On the Access Control, Threat Prevention, and Others pages, clear all options.
- On the Monitoring and Logging page, select all features, with Write permissions.
- Click OK.
The profile shows in the Permission Profiles page.
- Assign the SmartEvent Reports Only permissions profile to administrators.
- Publish the SmartConsole session.
- Install the policy.