Used to bulk update threat protections using API calls on a Check Point management server
- This script is designed to be run on a Check Point management server
- Verify the API is up and running before execution; from the CLI, run:
api status
- Run a test API show command before running the script; it does not currently have any verification built in
- SSH into a Check Point log server as admin
- Enter expert mode
- Copy the file update_threat_protections.sh to /home/admin/ on the log server
curl_cli -k https://raw.githubusercontent.com/joeaudet/ckpt_update_threat_protections/master/update_threat_protections.sh > update_threat_protections.sh
- Make the script executable with chmod
chmod u+x update_threat_protections.sh
- Make any modifications to the list of protections inside the script, which is stored in a multi-line array
- Update the variables inside the script for your environment
- Run the script
./update_threat_protections.sh
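
Because the script has no verification built in, the two pre-flight checks described above (`api status` and a test show command) can be wrapped in a small gate. This is an added example, not part of update_threat_protections.sh; the file name `preflight.sh`, the output wording it matches, and the use of `mgmt_cli -r true show threat-protections` as the test call are assumptions.

```shell
#!/bin/bash
# Added example: pre-flight checks to run before update_threat_protections.sh.
# Assumptions (not from this README): the wording matched in `api status`
# output, and `mgmt_cli -r true` (root login from expert mode on the server).

# Return 0 only if the text on stdin reports the API as started and ready.
api_status_ok() {
    _st=$(cat)
    printf '%s\n' "$_st" | grep -q 'Overall API Status: Started' || return 1
    printf '%s\n' "$_st" | grep -q 'API readiness test SUCCESSFUL' || return 1
}

# Run both checks; print the reason and return non-zero on the first failure.
#   1 = `api status` not ready, 2 = test show command failed
preflight() {
    if ! api status 2>&1 | api_status_ok; then
        echo "preflight: 'api status' does not report the API as ready" >&2
        return 1
    fi
    # Read-only call: shows that login and the threat-protections API both work.
    if ! mgmt_cli -r true show threat-protections limit 1 --format json \
            >/dev/null 2>&1; then
        echo "preflight: test 'show threat-protections' call failed" >&2
        return 2
    fi
    echo "preflight: API is up and answers a show command"
}

# Constructed sample of `api status` output, for trying api_status_ok offline.
SAMPLE_STATUS='Overall API Status: Started
API readiness test SUCCESSFUL. The server is up and ready to receive connections'

# On the server: ./preflight.sh --run && ./update_threat_protections.sh
if [ "${1:-}" = "--run" ]; then
    preflight
fi
```

The gate only reads from the API, so it is safe to run repeatedly before the bulk update.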