sddelta shows the differences in the configuration of SmartDefense™ between two exports from a Check Point® NGX™ SmartCenter™. The output is a fairly simple HTML document (with some JavaScript) that is viewable in modern Web browsers. sddelta is written in Perl and at least runs on Debian Etch and Ubuntu Gutsy, but should certainly run on more or less modern Linux distributions as well as other Unices (in theory) with a reasonably modern version of Perl installed.
SmartDefense updates, whether automatically or deliberately installed from Check Point, often contain all new protections, new attributes for existing protections, and updates to other parts of the SmartDefense configuration as well. It may not always be clear what has changed between updates. sddelta will allow you to be sure of what has changed, especially with regards to what new protections are active, what protections have changed to or from Monitor Only mode, and other settings that are significant in any operating network environment.
Be warned: Producing a delta takes a very long time even on good hardware. sddelta represents Check Point files internally as DOM trees, which require massive amounts of memory. Do not be surprised if the program uses upwards of 200 megabytes of memory and needs several minutes to complete.
As of this writing, sddelta is very useful, but imperfect. It may not always illuminate every difference between two SmartDefense configurations in the most intelligible way, especially if the two exports from which configurations are being compared are far apart in version number or time, or if they are from different management servers. Continued work on sddelta is planned.
sddelta has at least these four dependencies:
sddelta is © 2008 Hurricane Labs, LLC, and was written by Lebbeous Weekley. <lebbeous-dev@hurricanelabs.com>.
sddelta is licensed under the terms of the GPL. See the LICENSE file.
Check Point, SmartDefense, SmartCenter, and NGX are trademarks or registered trademarks of Check Point Software Technologies Ltd. All other product names mentioned herein are trademarks or registered trademarks of their respective owners.
sddelta includes version 4.12 of Walter Zorn's fantastic wz_tooltip Javascript Cross Browser Library to add tooltips to its HTML output. wz_tooltip is licensed under the LGPL. Newer versions of this library are avaiable as of the time of this writing (25 April 2008) from http://www.walterzorn.com/.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
cp2xml is a prerequisite of sddelta. You must have cp2xml installed for sddelta to work.
| cp2xml-0.1.2.tar.gz |
MD5: 31d27c0c03038bd328b38b5bb9be79c0 SHA1: 47b7fe8124af4a5d360caa0a6cf409de61c5c549 |
Installing cp2xml should be simple. From the directory where you have downloaded the source package, issue these commands:
$ tar zxvf cp2xml-0.1.2.tar.gz $ cd cp2xml-0.1.2 $ make $ su - [or sudo -i, as appropriate for your system] # make install
Don't forget to download and install cp2xml first (see above).
| sddelta-0.5.1.tar.gz |
MD5: 365069280ea1a6bdee888ed685829877 SHA1: d53c761101be51b1d120a1bca6a984724e55ecf0 |
Installing sddelta should be simple. From the directory where you have downloaded the source package, issue these commands:
$ tar zxvf sddelta-0.5.1.tar.gz $ cd sddelta-0.5.1 $ perl Makefile.PL $ make $ make test $ su - [or sudo -i, as appropriate for your system] # make install
The manual pages for cp2xml and sddelta are available via the preceding links, or in your environment after a successful installation.
Copyright © 2008 Hurricane Labs, LLC.