UDM Product Description
User and Device Management (UDM) is a web based application that manages a range of user and device related tasks in an organization. A typical user accesses organizational resources from multiple devices: computers, laptops, smartphones, and tablets.
UDM provides a unified environment for managing various user and device related tasks, such as provisioning, transparency of access via SmartLog logs, viewing user and device details, certificate management, AD user management, and FDE password recovery (for Endpoint Security clients).
With UDM, security administrators can delegate user and device management tasks to Help Desk administrators. This delegation of responsibilities lets the network security team handle security policy issues and the Help Desk team manage some user access tasks.
What's New
- Supports working with Security Management R80.40
- Improved reporting of events and alerts to Log Server
UDM Configuration
Once the R77.30.01 UDM HF8 is installed on a separate machine (optionally on a VMware VM), it can connect to different Security Management Servers or Multi-Domain Security Management Servers, including R80.x Servers.
If the Network Security Management Server, to which the UDM Server connects is either R77.20 or R77.30, then you must install either sk101217 - R77.20 Add-On or sk105412 - R77.30 Add-On, respectively.
Licensing
UDM HF8 Server doesn't require a Security Management license if connecting to different Security Management Servers or Multi-Domain Security Management Servers.
For further assistance, contact Check Point Account Services:
- by using Live Chat
- by completing an Online Form
- by phone: Americas: +1-972-444-6600 option 5, or International: +972-3-611-5100 option 5
Installation options
Downloads
To install UDM R77.30.01 HF8 on a Gaia Security Management Server:
- Back up your current UDM Server.
- Update to latest CPUSE deployment agent (sk92449 - Check Point Upgrade Service Engine (CPUSE) - Gaia Deployment Agent).
- Download the HF7 installation file: <>
- Connect to your UDM server Gaia Portal. (Default address is: https://<ip_address>:4434/)
- Navigate to Upgrades (CPUSE) pane. Click on "Status and Actions".
- On the toolbar, click on the "More" button - select "Import Package" - browse for the CPUSE Offline package (TGZ file) - click on "Upload".
- Select the hotfix package <> - click on "Install Update" button on the toolbar.
Note: Machine will automatically reboot after installation process is completed.
Note: If you want to activate SandBlast Mobile support in self-service portal:
- Connect to the UDM server via SSH.
- Open /opt/CPudm-R77/conf/udmenv.properties for editing.
- In the below line replace the variables (marked in CAPITAL letters) with your own values. mtp.dashboards=[{"site":[DISPLAY_NAME],"url":[DASHBOARD_URL],"username":[DAHSBOARD_USERNA ME],"apiKey":[API_KEY]}]
- Optional: You can set the maximum devices for user by setting mtp.max.devices = [MAX_NUM_DEVICES] (default is 3)
- Restart the UDM service:
# udmstop; udmstart
Known Limitations
Important notes:
- To get a fix for an issue listed below contact Check Point Support with the issue ID.
- To see if an issue has been fixed in other releases, search for the issue ID in Support Center.
|
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
|