Managing Security through API

This section describes the API Server on a Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. and the applicable API Tools.

API

You can configure and control the Management Server through API Requests you send to the API Server that runs on the Management Server.

The API Server runs scripts that automate daily tasks and integrate the Check Point solutions with third party systems, such as virtualization servers, ticketing systems, and change management systems.

To learn more about the management APIs, to see code samples, and to take advantage of user forums, see:

The API Documentation:
- Online - Check Point Management API Reference
- Local - https://<Server IP Address>/api_docs
  
  By default, access to the local API Documentation is disabled. Follow the instructions in sk174606.
The Developers Network section of Check Point CheckMates Community.

API Tools

You can use these tools to work with the API Server on the Management Server:

Standalone Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. management tool, included with Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. operating system:

mgmt_cli
Standalone management tool, included with SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on.:

mgmt_cli.exe

You can copy this tool from the SmartConsole installation folder to other computers that run Windows operating system.
Web Services APIs that allow communication and data exchange between the clients and the Management Server over the HTTP protocol.

These APIs also let other Check Point processes communicate with the Management Server over the HTTPS protocol.

https://<IP Address of Management Server>/web_api/<command>

Configuring the API Server

To configure the API Server:

Connect with SmartConsole to the Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. or applicable Domain Management Server.
From the left navigation panel, click Manage & Settings.
In the upper left section, click Blades.
In the Management API section, click Advanced Settings.

The Management API Settings window opens.

Configure the Startup Settings and the Access Settings.

Publish the SmartConsole session.

Restart the API Server on the Management Server with this command:

api restart

Note - On a Multi-Domain Server Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS., you must run this command in the context of the applicable Domain Management Server.