General

psCheckpoint

This powershell module was a lifesaver! or rather a timesaver.

We wanted to lock down access to our Exchange Hybrid box from Microsoft Office IP’s only. We also needed to add all of the Azure data centre IP’s to configure Express Route Public Peering routing. We were looking at thousands of hosts and networks, the powershell scripts can be found here:

https://github.com/tkoopman/psCheckPoint/tree/master/Examples/GroupSync

Enter psCheckpoint courtesy of Tim Koopman – this powershell module taps into the Checkpoint API and allows to us to add all of these hosts automatically.

Running the script is fairly straightforward I had to modify the API server settings on the Checkpoint appliance to get it to work as below:

Login to checkpoint smart console > manage and settings > Blades > Mangement API > Advanced Settings> All IP Adresses >2018-05-30 08_57_48-Clipboard

Console on (I use Putty) to the Checkpoint appliance and run:

api restart

2018-05-30 08_59_50-Clipboard

Close Smart connet console if open

Launch Powershell browse to c:\temp (or wherever the powershell script has been downloaded from GitHub.

.\Office365_Group_Sync.ps1

Enter management server parameter of: (Checkpoint management appliance), enter checkpoint login credentials.

Once compete launch Smart Console and:

Publish > Install Policy

Change Management IP settings back to ‘Management server only’

Change Management IP settings back to ‘Management server only’

2018-05-30 09_02_52-Clipboard

More info can be found at:

https://community.checkpoint.com/docs/DOC-2163