One thing I like about Indeni and the new R80 (haven’t seen it, just the gossip) is the MDS will be merged with SmartCenter so that one can see all your firewalls (not a domain at a time). This takes us closer to the single-pane of glass security management solution that CheckPoint excels at. I’d like to see ALL my firewalls in one window not just a domain at a time. Indeni is similar in that it let’s you monitor all your firewalls from an enterprise view which I like (haven’t seen it in a while, but use to anyways).With SmartMonitor you only get a domain at a time and then you only get 1 firewall at a time, not even a cluster so its somewhat limited. (And remember if you have SecureXL on, the traffic stats are horked).
Anyways I diverge. So until R80 comes out with the REST API, I am working on building my own enterprise MDS that is web based. It will allow you to start Putty sessions on ALL your MDS firewalls and SmartDashboard on ALL your MDS firewalls so you don’t have to go into each domain.
Phase 1: Dump MDS – v2 – 2.4.2015 (yeah I know my code is a hack, wish I had more time)
This script filters theMDS for all your firewalls and puts them into a CSV
<Domain,fwname, mode, IP_Address, Software_Versions, HW_type,d ns_name>
mode={CLUSTER, INLINE,MONITOR(Layer2Firewall)}
which I then import into a SQL database and go from there. So I thought I’d share with you this tool because you can use it to dump into your asset tracking or script databases to access all your firewalls.
This script is cool because it gives you the hardware type and version numbers for all your firewalls. This took a bit of ‘awk’ munging to do because clusters are weird and R77.10 does clusters differently.
MDSDUMP OUT!
dreez