Create a Check Point custom permission profile to permit QRadar Risk Manager access

To enable QRadar Risk Manager access to the Check Point SMS HTTPS adapter API, you must create a permission profile on the Check Point Multi-Domain Server that includes the "Run One Time Script" permission.

About this task

You can create a custom permission profile that includes this permission but is less permissive than the "Read Write All" or "Read Only All" profiles.

Procedure

  1. On the SMS Console with SmartDashboard, click Manage & Settings > Permissions & Administrators > Permission Profiles.
  2. Click Create New Profile.
  3. On the Overview tab, select Customized.
  4. On the Gateways tab, select One Time Script.
  5. On the Access Control tab, select the following options:
    • Show Policy
    • Edit layers by the Software Blades – Leave the check boxes cleared.
    • NAT Policy – Set the permission to Read.
    • Access Control Objects and Settings – Set the permission to Read.
  6. On the Threat Prevention tab, select Settings and set the permission to Read.
  7. On the Others tab, select the following options:
    • Common Objects – Set the permission to Read.
    • Check Point Users Database – Set the permission to Read.
  8. On the Monitoring and Logging tab, leave the check boxes cleared.
  9. On the Management tab, select Management API Login.
    Important: Ensure that any options that are not listed in Steps 3 – 9 are not selected.
  10. Click OK and assign your user to this new permission profile.