Check Point Software Technologies Logic Apps Playbook
Table of Contents
Overview
The Check Point Logic App Playbook allows you to make changes to Check Point firewalls via the Check Point Management API.
Common use cases include:
- Enable operations teams to automate common security functions such as creating objects, updating security policies, and scheduling security policy updates to gateways.
- Fully integrate with any orchestration platform, for both on-prem and public cloud providers
- Integrate with all leading SIEM/SOAR providers such as Azure Sentinel
For more information see:
- Check Point Management API
- Logic App Overview
Deploy Playbook
This package includes:
This playbook will create IP objects and add the objects to a group.
As a prerequisite, you'll need to deploy the Check Point Connector in your subscription before you can install this playbook.
Deployment instructions
- Create an API key from Check Point management console
- Launch the template
- Fill in the template
- Update LogicApp Sentinel Connection
Test Playbook
- Dry run
- Dry run result
Key Playbook Components
- Trigger point - It can be scheduled, use an HTTP POST, or be triggered from a connector
  - Example 1 - Scheduled tasks
  - Example 2 - Azure Sentinel Alert
  - Example 3 - HTTP post
- Workflow - Logic App instructions
  - Define the Check Point gateway and policy package
  - Define the Check Point Management Station API key or username/password
  - Define what action to take, in this case, create and add each host to a predefined group
  - Publish and install the security policy
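
The workflow steps above, written out as direct Check Point Management API calls. This is an added example, not the playbook's own Logic App definition or connector code. It assumes the Management API `web_api` commands `login`, `add-host`, `show-task`, `publish`, `install-policy` and `logout`; the `playbook-host-` naming scheme and the `base_url`, `group`, `policy_package` and `gateway` parameters are hypothetical.

```python
import ipaddress
import json
import time
import urllib.request

def build_plan(ips, group, policy_package, gateway):
    """Ordered (command, payload) pairs: add each host, publish, install."""
    plan, seen = [], set()
    for raw in ips:
        try:
            ip = ipaddress.ip_address(raw.strip())
        except ValueError:
            continue  # trigger input is untrusted: skip anything that is not one IP
        if ip not in seen:
            seen.add(ip)
            plan.append(("add-host", {
                "name": "playbook-host-" + str(ip).replace(":", "-"),  # assumed naming
                "ip-address": str(ip),
                "groups": [group]}))  # the predefined group must already exist
    if plan:  # no new objects means nothing to publish or install
        plan.append(("publish", {}))
        plan.append(("install-policy",
                     {"policy-package": policy_package, "targets": [gateway]}))
    return plan

def call(base_url, command, payload, sid=None):
    """POST one Management API command and return the decoded JSON reply."""
    headers = {"Content-Type": "application/json"}
    if sid:
        headers["X-chkp-sid"] = sid  # session id returned by login
    req = urllib.request.Request(f"{base_url}/web_api/{command}",
                                 data=json.dumps(payload).encode(), headers=headers)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def run(base_url, api_key, plan):
    """Log in with the API key, execute the plan in order, always log out."""
    sid = call(base_url, "login", {"api-key": api_key})["sid"]
    try:
        for command, payload in plan:
            reply = call(base_url, command, payload, sid)
            while "task-id" in reply:  # publish and install-policy run as tasks
                task = call(base_url, "show-task",
                            {"task-id": reply["task-id"]}, sid)["tasks"][0]
                if task["status"] == "failed":
                    raise RuntimeError(f"{command} failed")
                if task["status"] != "in progress":
                    break
                time.sleep(2)
    finally:
        call(base_url, "logout", {}, sid)
```

`build_plan` can be inspected as a dry run before `run` sends anything; `run` keeps certificate verification on, so the management server's certificate must be trusted by the host executing it.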