MIND SAFE

MENU

Search

EXPORT CHECK POINT POLICIES TO HTML OR XML

Check Point polices are easy to manage when you have access to SmartDashboard. However, sometimes you
may need to share these polices with other individuals, such as auditors, and its helpful to know how to
export these in an easy to read format. Check Point actually has some decent documentation around this,
but I ran into a few bumps, so here are my notes. I followed the guide below; make sure to download and
install the appropriate WebVI tool before proceeding:
https://supportcenter.checkpoint.com/supportcenter/portal?
eventSubmit_doGoviewsolutiondetails=&solutionid=sk64501
First Extract the WebVI Tool to C:\webvi
Next Open command prompt and cd to C:\webvi
For output of all policies in HTML:
open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

Run this command:

cpdb2html.bat c:\webvi C:\webvi\output SMARTCENTER_IP_ADDRESS ADMIN_USERNAME ADMIN_PASSWORD -o

All-Policies.html

The outputs will be saved in C:\webvi\output\

For output of individual policies in HTML:

cpdb2html.bat c:\webvi C:\webvi\output SMARTCENTER_IP_ADDRESS ADMIN_USERNAME ADMIN_PASSWORD

-m

FW_HOSTNAME -o POLICY_NAME-Report.html

For output of all policies in XML (Preferred method!):

cpdb2web -s SMARTCENTER_IP_ADDRESS -u ADMIN_USERNAME

-p ADMIN_PASSWORD -o c:\webvi\xsl\xml -w

C:\webvi

You should see an output similar to this after executing the command:
open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

To view the output, open to C:\webvi\xsl\index.xml

NOTE: This is best viewed in Firefox. IE, Chrome and Safari do not format the XML properly.
Here is a sample screenshot of the home page youre presented with. You can click on the individual security
policies, NAT policies, object, services and users. Everything is navigable by click (Awesome!).

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

After clicking on a Security Policy, youll be presented with the ruleset in an almost identical format as
SmartDashboard.

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

I have to admit, this tool is incredible. Now youre set to use, share and ship your policy anywhere! Kidding
please dont do that. Why Check Point doesnt move to a web-based platform like this, Ill never
understand.
About these ads

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

Share this:
Email

Facebook

Twitter 1

LinkedIn 1

Google

Like
Be the first to like this.

Related

Configuring IP Multicast in
Sparse-mode with Auto-RP

Configuring WWxN Pools in

UCS
In "CCIE Data Center"

Mixing SATA and SSD in Same

B-Series UCS Server
In "CCIE Data Center"

Posted in Check Point and tagged checkpoint, export policy, webvi on February 6, 2014. Leave a comment

Juniper Cisco GRE IPSec with OSPF

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

A lesson in verifying Nexus 7000 MTU

pdfcrowd.com

LEAVE A REPLY
Enter your comment here...

EMAIL SUBSCRIPTION
Enter your email address to subscribe to this
blog and receive notifications of new posts by
email.
Join 324 other followers
Enter your email address

SIGN ME UP!

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

FOLLOW ME ON TWITTER
My Tweets

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

RECENT POSTS
The Path to CCIE Data Center
Configuring WWxN Pools in UCS
UCS Boot from iSCSI
Configuring iSLB for CCIE DC
Configuring iSCSI for CCIE DC

ARCHIVE
December 2014
November 2014
September 2014
August 2014
July 2014
June 2014
May 2014
March 2014
open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

February 2014
March 2011
December 2009
May 2009

CATEGORIES
Check Point (1)
Cisco (23)
BFD (1)
CCIE Data Center (21)
FabricPath (1)
iSCSI (3)
Multicast (1)
Nexus (6)
Storage (10)
UCS (3)
Juniper (1)
open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

SAN (1)
TCP (1)
Uncategorized (4)

BLOGS I FOLLOW
Curious Packet
adam raffe
The CCIE R&S
Layer Zero Blog
CCIE Blog
Keeping It Classless
BRAD HEDLUND
CCIE or Null!
Jeremy Waldrop's Blog

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

Follow Mind Safe

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

B LO G A T WO R D P R ES S .C O M. T HE S UI T S T HEME.

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com