checkpoint-security-mcp-servers
@ngardiner
Anthropic MCP servers to enable AI agent integration and autonomous defense for Check Point firewalls, endpoint, and more.
Overview
What is checkpoint-security-mcp-servers?
checkpoint-security-mcp-servers is an open-source implementation of Anthropic’s Model Context Protocol (MCP) servers designed for Check Point security products. It enables AI agents to interact with Check Point firewalls, endpoint solutions, and logging capabilities through a standardized protocol. This is an independent community project, not officially affiliated with Check Point Software Technologies.
How to use checkpoint-security-mcp-servers?
Clone the repository, set up a Python 3.8+ virtual environment, install dependencies from requirements.txt, configure a Check Point Management API key and manager URL, then run the desired server (e.g., python src/firewall/server.py). Connect an MCP-compatible AI client (like Claude Desktop) over standard I/O to discover and invoke tools such as checkpoint_login_test.
Key features of checkpoint-security-mcp-servers
- Exposes Check Point firewall management via MCP Tools
- Provides a login test tool for API connectivity verification
- Modular structure for Firewall and Harmony Endpoint servers
- Uses standard I/O transport for MCP client connections
- Designed for autonomous security automation workflows
- Community-driven, open-source project under chosen license
Use cases of checkpoint-security-mcp-servers
- AI-driven testing of Check Point Management API connectivity
- Automating firewall policy checks and rule audits
- Enabling autonomous incident response actions on firewalls
- Integrating Check Point security with AI assistants like Claude
- Prototyping AI-based security orchestration in enterprise environments
FAQ from checkpoint-security-mcp-servers
What dependencies are required to run the server?
Python 3.8+ and a Check Point Management Server with API access are required. Dependencies are listed in requirements.txt.
How do I configure API access?
Obtain an API key from your Check Point Management Server and note the manager URL (IP/hostname and port). For initial testing with self-signed certificates you may use verify=False, but production environments require proper certificate validation.
What capabilities are currently implemented?
Only the checkpoint_login_test Tool in the Firewall MCP server, which tests connectivity to the Management API using an API key.
What future capabilities are planned?
Full firewall tools (e.g., BlockIPTool), log retrieval resources, Harmony Endpoint server with endpoint isolation and status checks, and improved error handling.
What transport does the server use?
The server runs over standard I/O (stdin/stdout) and waits for an MCP client connection. No HTTP or WebSocket transport is mentioned.