On This Page
Supported Devices and Platforms
The listings below are applicable to the latest hotfix available for this release.
You can configure SecureTrack to monitor and analyze these devices:
Amazon AWS
Amazon AWS EC2
Check Point
Any gateway that is connected to these devices:
Domains (CMA and SmartCenter)
- R81.20
- R81.10 (with Check Point API version 1.8)
- R81 GA (with Check Point API version 1.7)
- R81 (with Check Point API version 1.7)
- R80.40 (with Check Point API versions 1.5 and 1.6)
- R80.30 (with Check Point API versions 1.4 and 1.5)
- R80.20 (with Check Point API versions 1.1 and 1.4)
- R80.10 Jumbo Hotfix T70 and above
- R80
Multi-Domain Security Management (MDS , Provider-1)
- R81.20
- R81.10 (with Check Point API version 1.8)
- R81 GA (with Check Point API version 1.7)
- R81 (with Check Point API version 1.7)
- R80.40 (with Check Point API versions 1.5 and 1.6)
- R80.30 (with Check Point API versions 1.4 and 1.5)
- R80.20 (with Check Point API versions 1.1 and 1.4)
- R80.10 Jumbo Hotfix T70 and above
- R80
Smart-1 Cloud
All Gateways
VSX
Edge Devices
VPN-1 VSX Virtual Edition (VE) Edge
Check Point CloudGuard integration with Azure, Amazon AWS, Cisco ACI, and VMware NSX
Cisco
Application Centric Infrastructure (ACI) - Cisco Application Policy
Infrastructure Controller (APIC)
- 6.0
- 5.2
- 5.1
- 4.2
- 4.0
ASA
- 9.18
- 9.13 (from version 8.3 includes forward reference support and Virtual Contexts)
- 9.2- 9.9
- 9.1
FWSM
- 5 (including Virtual Contexts)
- 4
FWSM devices are supported, but not shown in the Rule Viewer
Cisco Security Manager
- 4.15
- 4.12
- 4.9
- Supports real-time change management for managed devices in text format only
- You must have a Cisco API license for the CSM device
CSM devices are supported, but not shown in the Rule Viewer
ASR9000/CRS
- IOS-XR 5.1.1
Nexus
- 7.0
- 6.2.1
- switch Nexus 1000v versions 4.2 and 5.1
Switches and Routers
IOS
- 12.1
-
12.2(44)se5
-
15.1(4)m2
IOS XE
- 17.3
IOS-XE SD-WAN (Viptela cEdge)
- 17.03.04
-
16.12.05
IOS XR
- 7.5.x
Firepower Management Center (FMC)
- 7.3 (Supported from R23-2 PHF2.0.0.)
- 7.2.x
- 7.0.x
- 6.3 - 6.7
- Firepower Threat Defense is supported via Firepower Management Center
Meraki Dashboard
Meraki Dashboard API 1.28.0 is fully supported.
- MX Firewall
- Z-series (Teleworker gateway) Firewall
F5
F5 devices are supported, but not shown in the Rule Viewer
BIG-IP Local Traffic Manager
- 17.0.x
- 16.1.x
- 15.1(iApps are not supported for all versions)
- 14.1
- 13.1
BIG-IP Local Traffic Manager
- 9.4.2 and above (Supported with preinstalled TOP plugin only)
Forcepoint (formerly Stonesoft)
Sidewinder (formerly Firewall Enterprise)
- 8.3
SMC
-
7.1 (Supports API versions 6.10 and 7.0 (from R23-2 PHF1.0.0))
7.0 (SMC 7.0 and above supports API version 7.0)
6.10
- 6.9 (SMC 6.9 and above supports API version 6.8)
- 6.8
- 6.7
- 6.5
- 6.4 (SMC 6.4 through 6.8 supports API version 6.4 and 6.5)
- 6.3
- 6.1
- 5.10 (SMC 5.10 through SMC 6.3 supports API version 5.10 )
- 5.6 - 5.9
Fortinet
FortiGate
- 7.4.x (Fortinet Manager required for IPv6 support)
- 7.2.x (Fortinet Manager required for IPv6 support)
- 7.0.x (Fortinet Manager required for IPv6 support)
- 6.4.x
- 6.2
- 6.0.x
- 5.6.x
FortiManager
Only Profile-based NGFW mode is supported.
- 7.4.x
- 7.2,x
- 7.0.x
- 6.4.x
- 6.2.x
- 6.0.x
- 6.0.x
- 5.6.x
- 5.4.x
- 5.2.x
- 5.0.x
Google Cloud
GCP Project
GCP Projects and GCP VPCs are supported.
Juniper
NetScreen
- SSG 6.3
- ISG 6.3 (All versions include Virtual Systems)
SRX
- 22-1R1 (Syslog configuration required for Logical Systems)
- 21.2R3
- 20.4R3
- 19.4 (All versions include Logical Systems)
- 19.4 (All versions include Logical Systems)
- 15.1
- 12.3x48
- 12.1
- 10.4
M/MX
- 19.4 R3-S1.3
- 16.1 R4 (All versions support stateful policies, they do not support stateless filters)
- 13.3 R10.2
- 12.3
Microsoft Azure
Azure Resource Manager
Azure Resource Manager is supported, but not shown in the Rule Viewer
Azure Firewall Standard
Azure Firewall Premium
Palo Alto Networks
Panorama devices and PanOS firewalls
- 11.1.x (PHF2.0.0 and later)
- 11.0.x
- 10.2.x
- 10.1.x
- 10.0.x
- 9.1.x
- 9.0.x (includes NSX-v support for SecureTrack)
- 8.1.x
Panorama Basic devices are supported, but not shown in the Rule Viewer
Prisma Access (managed by Panorama)
Symantec (formerly Blue Coat)
SGOS
- 5.3.2.1
- 6.7.1.1 (Supported with preinstalled TOP plugin only)
Proxy AV/SG
- 400 (Supported with custom TOP plugin only)
Blue Coat support will not be affected after R25-1/R25-2 when new vendors cannot be added using TOP plugins (see Removed Features).
VMware
VMware NSX-V
- 6.4.9
- 6.4.6
- 6.4.4
- 6.4.0
VMware NSX-T and VMC
- 4.1 (Change accountability supported)
- 4.0 (Change accountability is not supported)
- 3.2.x
- 3.1
- 3.0
Notes for VMware NSX-T
-
When you upgrade to R23-2, TOS updates certain APIs which don't align with VMware's current best practices for NSX-T devices. If imported logical routers are disconnected at the time of the upgrade, TOS will not be able to replace the old deprecated APIs with the new ones. If this occurs, the imported logical routers will appear in the Manage Devices page with the text "Unavailable." TOS will not be able to receive revisions from unavailable logical routers. If this occurs, check your device connectivity and reconnect if necessary. TOS will try to reach the device every day for 14 days. If the device is still unavailable after 14 days, please contact Tufin Support.
vCenter
- 7.0
- 6.5