Immediate SmartLSM Security Gateway Actions

At any point during the configuration or management of a SmartLSM Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources., you can perform immediate actions on the gateway.

SmartLSM Security Profiles implement a Security PolicyClosed Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection., with rules for source/destination IP addresses, and localize these rules for each SmartLSM Security Gateway assigned to the profile. SmartProvisioningClosed Check Point Software Blade on a Management Server (the actual name is "Provisioning") that manages large-scale deployments of Check Point Security Gateways using configuration profiles. Synonyms: Large-Scale Management, SmartLSM, LSM. manages Dynamic Objects (see Dynamic Objects) only for SmartLSM Security Gateways.

The Security Policy assigned to the SmartLSM Security Profile has a ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. to drop traffic from IP addresses on a StormCenter. The Security Profile is assigned to ten SmartLSM Security Gateways. Some of the SmartLSM Security Gateways assigned to this profile must use one StormCenter site, and others use a different one. You do not have to create a new rule for each gateway. You can create one rule in the main policy, and use the CPDShield dynamic object to define the source (StormCenter list of IP addresses to block).

In SmartProvisioning, on each SmartLSM Security Gateway assigned to this profile, you resolve the CPDShield dynamic object to the real IP address of a StormCenter (double-click a SmartLSM Security Gateway and open Dynamic Objects > Add).

After you resolve the dynamic object to a real IP address value, it is not applied immediately to the selected SmartLSM Security Gateway. You can wait for the gateway to fetch its profile, but if you want the value to be applied immediately, you can push the resolved values of dynamic objects to the SmartLSM Security Gateway.

To apply new values to dynamic objects of a SmartLSM Security Gateway:

Right-click the gateway and select Actions > Push Dynamic Objects.

If you change the Security Policy assigned to a SmartLSM Security Profile in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., and install it on gateways, it is not applied to SmartLSM Security Gateways. Each SmartLSM Security Gateway fetches its SmartLSM Security Profile on a different time interval, and then gets the updated Security Policy.

You can apply the changes immediately by pushing the policy on the SmartLSM Security Gateway. To do this, right-click the Security Gateway and Actions > Push Policy.