Friday, April 1, 2011

how to visualize your rulebase

One of a security admin's tasks is documenting the security system. Sometimes it is necessary to print out your rulebase, objects and users. How do you do that?

There are many different ways, but one of the least known is Check Point's standard Web Visualization Tool.

The comprehensive history and recent documentation can be found in sk30765. The tool is actually a script that creates an HTML file with your rulebase, NAT, objects and users. It is quite useful for printing out the data.

This tool only exists for R65 and R70. I have tried it on an R75 MGMT server, and there are some funny bugs, but it still does its job, most of it.

And Check Point... If you read this, please patch the tool for your own latest versions, pretty please.

2 comments:

  1. Hi Valerie, what are the funny bugs you get on running R75? I have a script working on R70 and now I have to have that script (which uses web visualization tool on R75.x). Let me know the bugs before I try it :-)

    Bora
    vbozden@yahoo.com

  2. Some objects are not recognized as they do not exist in the R75 schema. It means that some specific rules with a particular source or destination will be presented with ANY objects instead when visualized.

    Your audit will not be happy about that.
