StoneBlog.stonesoft.com

With StoneGate 5.2 you can save your log records to Local Archive Zip file. Just multi-select the records or define the time range and select Export – Export Log Events… from the right-click menu. That dialog contains now new option to save the log entries as zip file (in addition to XML, CSV and Archive).

Continue reading »

written by teroja - 252 views \\ tags: export, Log Archive, logs, SMC, Zip

Here are some other smaller enhancements that will be available in StoneGate 5.1.

Continue reading »

written by teroja - 506 views \\ tags: concurrent connections, domain, dynamic contact address, enhancements, export, Features, statistics, StoneGate 5.1

This post is shedding some light on two kinda hidden binaries in StoneGate directory, since they can be very useful for automation operation like the one I described in a previous post.

The tools are named sgImport.[bat|sh] and sgExport.[bat|sh].

Both located in <StoneGate_install_dir>/bin/, they can be used to export and import elements from StoneGate (hence their name ).

The nice feature is that they both work with zipped XML files, allowing some very fast object manipulation in StoneGate for different purposes, like:

• quick definition of large number of similar objects (e.g. Network Elements, Firewalls and IPS Engines)
• interaction with external processes like Web Forms, other scripts, applications
• modification of existing elements without accessing the GUI

The usage guidelines can be obtained by issuing the script with –h parameter and this is an example with sgExport.sh on a Linux box:

StoneGate Management Center (4.3.5 [7944])
Copyright 2000-2009 Stonesoft Corp. All rights reserved.
http://www.stonesoft.com
STONEGATE IMPORT/EXPORT

XML Export command syntax:
[-h|--help] [-host <ipaddress>] [-login <login>]
[-password <password>] [-file <resultFilePath>]
[-type <all|nw|ips|sv|rb|al>] [-recursion]
-h | –help: displays the help message,
-host <ipaddress>: specifies the ip address of the Management Server (by default: localhost),
-login <login>: specifies the login of an SMC Administrator,
-password <password>: specifies the password of the SMC Administrator,
-file <resultFilePath>: specifies the zip result file path,
-type <all|nw|ips|sv|rb|al|vpn>: exports all: All Elements; nw: Network Elements; ips: IPS Elements;
sv: Services; rb: Security Policies; al: Alerts; vpn: VPN Elements,
-recursion: activates the recursive export (also referenced objects are exported).
-system: export also system elements.

As you might know, XML files can be quite complex depending how the software they are used with is structured.

To maintain an operational consistency, if you wish to use such feature I’m recommending to act as follows:

1. locate/define in StoneGate configuration an object of the type you’re interested in
2. use GUI export element tool or sgExport to export the zipped XML file
3. manipulate the exported XML file depending on usage
4. recreate the zipped XML file and use sgImport or GUI menu to reimport it in StoneGate

Using the procedure above, you ensure consistency and correctness of the item imported.

Since power is nothing without control StoneGate import process will however validate the file while importing it and will return an error in case it’s missing anything.

Stay tuned, as I’ll publish soon example of practical usage of this very handy StoneGate feature.

written by RoarinPenguin - 787 views \\ tags: export, import, script, sgExport, sgImport, xml

Often it could be useful or necessary to share the Stonegate policies to colleagues for consultation, validation or technical archives without give access to SMC.

First, try a simple copy and past from your policy in GUI to a chart in Excel or other, it’s magic

Second, you have in the SMC CDrom a folder named “Tools” where you can found the Policy converter tool :

“The Policy converter tool converts XML-based Security Policy exports taken from
StoneGate Management Center in to an HTML document.

The tool is compatible with policy exports taken from SMC version 4.0

Requirements:
- Linux Operating system
- Java Runtime v1.5 or later

Usage:
1. Extract the content of the zip package to a Linux workstation.
2. Make a Policy export (from the command line or from the Management Client).
Include referenced elements in the export.
3. Place the export zip package in the snapshotHTMLrenderer directory.
4. Execute script.sh and give the export filename as a parameter. For example
“./script.sh export_file.zip”. The script creates file
result_DATEOFEXECUTION.html in the same directory.
5. View the HTML document with a web browser.”

So wonderful to have a clear document in html to share this information.

written by Hokkyokuguma - 1,172 views \\ tags: converter, export, Policy, share, SMC