Information Technology Grimoire

Version .0.0.1

IT Notes from various projects because I forget, and hopefully they help you too.

smo policies

https://sc1.checkpoint.com/documents/R80.30SP/WebAdminGuides/EN/CP_R80.30SP_Maestro_AdminGuide/Content/Topics/SMO-and-Policies.htm?tocpath=Security%20Group%20Concepts%7CSingle%20Management%20Object%20(SMO)%20and%20Policies%7C_____0#Single_Management_Object_(SMO)_and_Policies

Management Server installs to SMO Master SMO Master copies policy to all security group members in the security group Each Security group member, installs the policy locally

Unload Policy

asg policy unload
[Expert@MyChassis-ch0x-0x:0]# asg policy unload
You are about to perform unload policy on blades: all
All SGMs will be in DOWN state, beside local SGM. It is recommended to run the procedure
via serial connection
 
Are you sure? (Y - yes, any other key - no) y
 
Unload policy requires auditing
Enter your full name: John Doe
Enter reason for unload policy [Maintenance]:
WARNING: Unload policy on blades: all, User: John Doe, Reason: Maintenance
+-------------------------------+
|Unload policy                  |
+---------------+---------------+
|SGM            |Status         |
+---------------+---------------+
|1_3            |Success        |
+---------------+---------------+
|1_2            |Success        |
+---------------+---------------+
|1_1            |Success        |
+---------------+---------------+
|2_3            |Success        |
+---------------+---------------+
|2_2            |Success        |
+---------------+---------------+
|2_1            |Success        |
+---------------+---------------+
 
+------------------------------------------------------------------------------+
|Summary                                                                       |
+------------------------------------------------------------------------------+
|Unload policy completed successfully                                          |
+------------------------------------------------------------------------------+
[Expert@MyChassis-ch0x-0x:0]#
asg policy verify

asg policy -vs 1 verify

asg policy verify -v

[Expert@MyChassis-ch0x-0x:0]# asg policy verify -v
+----------------------------------------------------------------------+
|Policy Verification                                                   |
+-------+-------------------+---------------+-----------------+--------+
|SGM    |Policy Name        |Policy Date    |Policy Signature |Status  |
+-------+-------------------+---------------+-----------------+--------+
|1_01   |Standard           |27Feb19 08:56  |e17c177f7        |Success |
+-------+-------------------+---------------+-----------------+--------+
|1_02   |Standard           |27Feb19 08:56  |e17c177f7        |Success |
+-------+-------------------+---------------+-----------------+--------+
 
+------------------------------------------------------------------------------+
|Summary                                                                       |
+------------------------------------------------------------------------------+
|Policy Verification completed successfully                                    |
+------------------------------------------------------------------------------+
[Expert@MyChassis-ch0x-0x:0]#

asg policy verify -vs all -v

[Expert@MyChassis-ch0x-0x:0]# asg policy verify -vs all -v
+------------------------------------------------------------------------------+
|Policy Verification                                          |
+-------+-------+-------------------+---------------+-----------------+--------+
|VS     |SGM    |Policy Name        |Policy Date    |Policy Signature |Status  |
+-------+-------+-------------------+---------------+-----------------+--------+
|0      |1_01   |Standard           |27Feb19 08:56  |996eee5e6        |Success |
|       |1_03   |Standard           |27Feb19 08:56  |996eee5e6        |Success |
|       |1_04   |Standard           |27Feb19 08:56  |996eee5e6        |Success |
|       |1_05   |Standard           |27Feb19 08:56  |996eee5e6        |Success |
|       |1_06   |Standard           |27Feb19 08:56  |996eee5e6        |Success |
|       |1_11   |Standard           |27Feb19 08:56  |996eee5e6        |Success |
|       |1_12   |Standard           |27Feb19 08:56  |996eee5e6        |Success |
+-------+-------+-------------------+---------------+-----------------+--------+
|1      |1_01   |Standard           |27Nov12 13:03  |836fa2ec1        |Success |
|       |1_03   |Standard           |27Nov12 13:03  |836fa2ec1        |Success |
|       |1_04   |Standard           |27Nov12 13:03  |836fa2ec1        |Success |
|       |1_05   |Standard           |27Nov12 13:03  |836fa2ec1        |Success |
|       |1_06   |Standard           |27Nov12 13:03  |836fa2ec1        |Success |
|       |1_11   |Standard           |27Nov12 13:03  |836fa2ec1        |Success |
|       |1_12   |Standard           |27Nov12 13:03  |836fa2ec1        |Success |
+-------+-------+-------------------+---------------+-----------------+--------+
|2      |1_01   |Standard           |27Feb19 08:56  |10eef9ced        |Success |
|       |1_03   |Standard           |27Feb19 08:56  |10eef9ced        |Success |
|       |1_04   |Standard           |27Feb19 08:56  |10eef9ced        |Success |
|       |1_05   |Standard           |27Feb19 08:56  |10eef9ced        |Success |
|       |1_06   |Standard           |27Feb19 08:56  |10eef9ced        |Success |
|       |1_11   |Standard           |27Feb19 08:56  |10eef9ced        |Success |
|       |1_12   |Standard           |27Feb19 08:56  |10eef9ced        |Success |
+-------+-------+-------------------+---------------+-----------------+--------+

+------------------------------------------------------------------------------+
|Summary                                                                       |
+------------------------------------------------------------------------------+
|Policy Verification completed successfully                                    |
+------------------------------------------------------------------------------+
[Expert@MyChassis-ch0x-0x:0]#