Offline Analysis

You can manually upload policy configurations to SecureTrack, for offline analysis, auditing, and compliance. All SecureTrack features that do not require real-time monitoring or usage analysis are available.

This has two main uses:

  • Offline monitoring: When there can be no connectivity between SecureTrack and the actual firewalls, you can periodically export the firewall policy from the device as a file, and then import the file into SecureTrack. Each time you import an updated file, SecureTrack records a policy revision.

  • What If analysis (non-Check Point only): You can edit a firewall policy in text format, and then upload it to SecureTrack to analyze its effects, without having to actually deploy it on a device.

Offline Analysis needs to be enabled for the specific device. To record a policy revision, first obtain a policy configuration file from the device and then upload it to SecureTrack.

Supported: Offline Analysis is supported for all standalone (non-management) devices that can be monitored by SecureTrack.

Not Supported: Offline Analysis is not supported for child-level devices (devices managed by other devices). Additionally, it is not supported when a device is configured for High Availability.

When using Offline Analysis, these TOS Aurora features are NOT available:

All Devices

Check Point Devices

  • Real time alerts for revisions and compliance policies
  • Accountability
  • Rule and object usage
  • Dynamic routes considered for topology (topology based only on static routes)
  • Performance alerts
  • Topology