While most Check Point administrators interested in scripting/automatisation are awaiting R80 Management Gateway, I have been playing around with a little PoC of auto creation of CMA, VS and basic rulebase on Check Points MDS and VSX systems.
The idea behind the script, is to use a centralized database (eg. a CMDB) to automatic deploy a new customer or organisation firewall on Check Point’s Multi Domain Server and VSX gateway.
I have created a video showing the PoC:
Both MDS and VSX are running R77.20 Gaia.
- Bash scripting
- Check Point’s MDSCMD
- Check Point’s VSX Provision Tool
- Check Point’s DBEDIT