Overview

sddelta shows the differences in the configuration of SmartDefense™ between two exports from a Check Point® NGX™ SmartCenter™. The output is a fairly simple HTML document (with some JavaScript) that is viewable in modern Web browsers. sddelta is written in Perl and at least runs on Debian Etch and Ubuntu Gutsy, but should certainly run on more or less modern Linux distributions as well as other Unices (in theory) with a reasonably modern version of Perl installed.

Why use sddelta?

SmartDefense updates, whether automatically or deliberately installed from Check Point, often contain all new protections, new attributes for existing protections, and updates to other parts of the SmartDefense configuration as well. It may not always be clear what has changed between updates. sddelta will allow you to be sure of what has changed, especially with regards to what new protections are active, what protections have changed to or from Monitor Only mode, and other settings that are significant in any operating network environment.

Warning on resource usage

Be warned: Producing a delta takes a very long time even on good hardware. sddelta represents Check Point files internally as DOM trees, which require massive amounts of memory. Do not be surprised if the program uses upwards of 200 megabytes of memory and needs several minutes to complete.

Outlook for future development

As of this writing, sddelta is very useful, but imperfect. It may not always illuminate every difference between two SmartDefense configurations in the most intelligible way, especially if the two exports from which configurations are being compared are far apart in version number or time, or if they are from different management servers. Continued work on sddelta is planned.