The following procedure assumes you are using the CKP_SAM_Client.exe tool provided by Check Point to import suspicious object data to a Check Point firewall server.
Before using the Check Point SAM Client tool, you must:
Prepare the Check Point firewall server
For more information, see Preparing the Check Point Firewall Server.
Prepare the authentication configuration files
For more information, see Preparing the Authentication Certificate Configuration Files.
Export the Control Manager Suspicious Object lists using the Suspicious Object List Exporter tool
For more information, see Using the Suspicious Object List Exporter (SuspiciousObjectExporter.exe).
CKP_SAM_Client.exe -t <timeout> -g <fw-ip> -c <conf_path> -A notify any <IP_address>
-t <timeout>: Indicates the amount of time (in seconds) that the Check Point server waits before expiring a suspicious object
-c <conf_path>: Indicates the relative path of the sam.conf file
-g <fw-ip>: Indicates the IPv4 address of the Check Point firewall server
-A notify any <IP_address>: Requests the Check Point firewall server to notify a valid IPv4 address
Running CKP_SAM_Client.exe without any arguments displays usage details for the tool.
For more information about the Check Point sam_client_action arguments, refer to the Check Point firewall server documentation.
The CKP_SAM_Client.exe tool indicates a successfully completed request.
The Enforced Suspicious Activity Rules screen appears and displays the imported suspicious object data.