Defining Trusted Clients

To limit the access to the Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. from a specified list of hosts, you must configure Trusted Clients.

You can configure Trusted Clients in these ways:

Trusted Client Definition

Description

Any

All hosts

IPv4 Address

A single host with the specified IPv4 address

IPv4 Address Range

Hosts with IPv4 addresses in the specified range

IPv4 Netmask

Hosts with IPv4 addresses in the subnet defined by the specified IPv4 address and netmask

IPv6 Address

A single host with the specified IPv6 address

IPv6 Address Range

Hosts with IPv6 addresses in the specified range

IPv6 Netmask

Hosts with IPv6 addresses in the subnet defined by the specified IPv6 address and netmask

Name

A host with the specified hostname

Wild cards (IP only)

Hosts with IP addresses described by the specified regular expression

Administrators with Super User permissions can add, edit, or delete trusted clients in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on..

  1. In SmartConsole, go to Manage & Settings > Permissions & Administrators > Trusted Clients.

  2. Click New.

    The New Trusted Client window opens.

  3. Enter a unique name for the client.

  4. Select a client type and configure corresponding values:

    • Any - No values to configure

    • IPv4 Address - Enter an IPv4 address of a host

    • IPv4 Address Range - Enter the first and the last address of an IPv4 address range

    • IPv4 Netmask - Enter the IPv4 address and the netmask

    • IPv6 Address - Enter an IPv6 address of a host

    • IPv6 Address Range - Enter the first and the last address of an IPv6 address range

    • IPv6 Netmask - Enter the IPv6 address and the netmask

    • Name - Enter a host name

    • Wild cards (IP only) - Enter a regular expression that describes a set of IP addresses

  5. Click OK.

  1. In SmartConsole, go to Manage & Settings > Permissions & Administrators > Trusted Clients.

  2. Double-click the client you want to edit.

  3. In the Trusted Client configuration window that opens, change the settings as needed.

  4. Click OK.

  1. In SmartConsole, go to Manage & Settings > Permissions & Administrators > Trusted Clients.

  2. Select a trusted client and click Delete.

    The confirmation window opens.

  3. Click Yes to confirm.

Note - Administrators can also configure the GUI Clients in the Check Point Configuration Tool on the Security Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. (see cpconfig).