You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+24-13Lines changed: 24 additions & 13 deletions
Original file line number
Diff line number
Diff line change
@@ -2,10 +2,17 @@
2
2
3
3
## What is MCP?
4
4
5
-
The Model Context Protocol (MCP) is a standardized interface that allows AI agents and automation tools to interact programmatically with Check Point Quantum Management servers. Using MCP, you can:
5
+
Model Context Protocol (MCP) servers expose a structured, machine-readable API for your enterprise data—designed for AI-powered automation, copilots, and decision engines. By delivering a clear, contextual slice of your security environment, MCP lets you query, analyze, and optimize complex systems without building custom SDKs or parsing raw exports.
6
+
7
+
## Why MCP for Security?
8
+
9
+
Security Policies often span hundreds of rules and thousands of objects across diverse enforcement points. Understanding, auditing, or optimizing these environments is slow and error-prone.
10
+
MCP changes this: exposing security management data in a modular, context-rich format, ready for AI systems to consume. Enabling the AI to use your data with precision. Ask real-world questions, and get structured, actionable answers—instantly.
11
+
12
+
## Features
6
13
7
14
- Query and visualize installed policies, rulebases, and network topology
8
-
- Retrieve and analyze access, NAT, and threat prevention rules
15
+
- Retrieve and analyze access, NAT and VPN rules
9
16
- List and inspect objects such as hosts, networks, services, VPN communities, and more
10
17
11
18
## Demo
@@ -14,21 +21,25 @@ The Model Context Protocol (MCP) is a standardized interface that allows AI agen
14
21
15
22
## Example Use Cases
16
23
17
-
### Ensure regulatory compliance with industry standards
18
-
Prompt: Check if my gateway configuration meets PCI-DSS/HIPAA/GDPR requirements.
19
-
20
-
### Find broad-definition rules
21
-
Prompt: List all firewall rules that allow traffic from any source to any destination on any port. Highlight rules that are disabled or unused.
24
+
### Regulatory Compliance Checks
25
+
“Do my current gateways meet PCI-DSS, HIPAA, or GDPR standards?”
26
+
*→ Returns a detailed gap analysis across your policy layers.*
22
27
23
-
### Source → Destination Path Analysis
24
-
Prompt: Can you check in my policy if a host or network can access the internet?
28
+
### Risky Rule Discovery
29
+
“Show all rules that allow any-to-any traffic. Highlight unused or disabled rules.”
30
+
*→ Surfaces misconfigurations and expands your visibility.*
25
31
26
-
### Recommendation for rulebase optimization
27
-
Prompt: Take a look at the internet-facing rules in my policy and suggest improvements. Identify any rules that should be strengthened or loosened. Consider both security risks and administrative overhead. In your recommendations, refer only to specific rules that can be changed or suggest adding new ones.
32
+
### Path Analysis for Access
33
+
“Can host 10.1.2.7 access the internet under current policy?”
34
+
*→ Traces real access flows across Access, NAT, and interfaces.*
28
35
29
-
### Custom policy visualizations
30
-
Prompt: Please create a visual report that shows which services are allowed in my network, under which conditions, and which services are strictly blocked.
36
+
### Rulebase Optimization with AI
37
+
“Review internet-facing rules and suggest which should be tightened or removed.”
38
+
*→ Actionable insights that improve your security posture.*
31
39
40
+
### Visual Policy Mapping
41
+
“Generate a report showing allowed and blocked services across my environment.”
42
+
*→ Delivers structured data for dashboards, reports, and audits.*
Copy file name to clipboardExpand all lines: packages/management/README.md
+24-13Lines changed: 24 additions & 13 deletions
Original file line number
Diff line number
Diff line change
@@ -2,10 +2,17 @@
2
2
3
3
## What is MCP?
4
4
5
-
The Model Context Protocol (MCP) is a standardized interface that allows AI agents and automation tools to interact programmatically with Check Point Quantum Management servers. Using MCP, you can:
5
+
Model Context Protocol (MCP) servers expose a structured, machine-readable API for your enterprise data—designed for AI-powered automation, copilots, and decision engines. By delivering a clear, contextual slice of your security environment, MCP lets you query, analyze, and optimize complex systems without building custom SDKs or parsing raw exports.
6
+
7
+
## Why MCP for Security?
8
+
9
+
Security Policies often span hundreds of rules and thousands of objects across diverse enforcement points. Understanding, auditing, or optimizing these environments is slow and error-prone.
10
+
MCP changes this: exposing security management data in a modular, context-rich format, ready for AI systems to consume. Enabling the AI to use your data with precision. Ask real-world questions, and get structured, actionable answers—instantly.
11
+
12
+
## Features
6
13
7
14
- Query and visualize installed policies, rulebases, and network topology
8
-
- Retrieve and analyze access, NAT, and threat prevention rules
15
+
- Retrieve and analyze access, NAT and VPN rules
9
16
- List and inspect objects such as hosts, networks, services, VPN communities, and more
10
17
11
18
## Demo
@@ -14,21 +21,25 @@ The Model Context Protocol (MCP) is a standardized interface that allows AI agen
14
21
15
22
## Example Use Cases
16
23
17
-
### Ensure regulatory compliance with industry standards
18
-
Prompt: Check if my gateway configuration meets PCI-DSS/HIPAA/GDPR requirements.
19
-
20
-
### Find broad-definition rules
21
-
Prompt: List all firewall rules that allow traffic from any source to any destination on any port. Highlight rules that are disabled or unused.
24
+
### Regulatory Compliance Checks
25
+
“Do my current gateways meet PCI-DSS, HIPAA, or GDPR standards?”
26
+
*→ Returns a detailed gap analysis across your policy layers.*
22
27
23
-
### Source → Destination Path Analysis
24
-
Prompt: Can you check in my policy if a host or network can access the internet?
28
+
### Risky Rule Discovery
29
+
“Show all rules that allow any-to-any traffic. Highlight unused or disabled rules.”
30
+
*→ Surfaces misconfigurations and expands your visibility.*
25
31
26
-
### Recommendation for rulebase optimization
27
-
Prompt: Take a look at the internet-facing rules in my policy and suggest improvements. Identify any rules that should be strengthened or loosened. Consider both security risks and administrative overhead. In your recommendations, refer only to specific rules that can be changed or suggest adding new ones.
32
+
### Path Analysis for Access
33
+
“Can host 10.1.2.7 access the internet under current policy?”
34
+
*→ Traces real access flows across Access, NAT, and interfaces.*
28
35
29
-
### Custom policy visualizations
30
-
Prompt: Please create a visual report that shows which services are allowed in my network, under which conditions, and which services are strictly blocked.
36
+
### Rulebase Optimization with AI
37
+
“Review internet-facing rules and suggest which should be tightened or removed.”
38
+
*→ Actionable insights that improve your security posture.*
31
39
40
+
### Visual Policy Mapping
41
+
“Generate a report showing allowed and blocked services across my environment.”
42
+
*→ Delivers structured data for dashboards, reports, and audits.*
0 commit comments