New SmartLog Permissions

UPDATE: 12/1/14: mds_HOTFIX_GYPSY_HF_BASE_748 is the fix and it works in R77.10

button version

UPDATE: 11/13/14: After much hub-bub, this is fixed in R77.30 and they are backporting it to R77.10/20? Will let you know.

With X00 firewalls across X0 domains we live and die by SmartLog. R77.10 SmartLog is awesome, its fast, finally stable. It alone is sufficient reason to chuck any other firewall product.

Except!!!

They changed the way permissions work in R77.10. Now only Domain Super-users and MDS Super users can use  MDS SmartLog. This takes my breath away. Our front-line domain managers (SOC, NOC, Audit, IPS, Security/Risk Management) use SmartLog for debugging not only firewall problems but network problems in general….across all domains. They are not interested what domain the problem is…they just want to know where it is in the enterprise. Domain Super users and MDS Super users only use SmartLog a couple times a week for escalated calls.

So WHY???? restrict permissions to an awesome market changing tool to people that only use it a couple times a week??

Ugh….

dreez

Advertisements
Post a comment or leave a trackback: Trackback URL.

Comments

  • Daniel  On October 16, 2014 at 2:41 pm

    With R77.20 Global Manager can access global SmartLog again.
    For R77.10 I got a hotfix from CP.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

blog.lachmann.org

Michael Endrizzi's - St. Paul MN - CheckPoint blog on topics related to Check Point products and security in general.

%d bloggers like this: