For Check Point deployments, SecureTrack monitors the management servers (SmartCenters, CMAs, and MDSs) for revision changes, and retrieves logs from Log servers and CLMs. For monitoring and usage analysis of all of your Check Point policies, add all management and log servers to SecureTrack.
SecureTrack uses Check Point OPSEC™ protocols and SNMP to monitor Check Point servers in real time. At startup, SecureTrack establishes a LEA session to the management server and monitors the LEA connection. By default, SNMP traffic is authenticated with MD5; you can change this to SHA authentication.
Before you add a Check Point server to SecureTrack, you must:
Record the details of all of your Check Point devices to make it easier for you to add all of them. To help you organize the information for your devices, you can use the device information worksheet. To see which TOS features are supported for your device, review the feature support table.
After you upgrade a monitored Check Point CMA device to R80.x, you must upgrade the device in SecureTrack to use Check Point R80.x support.
Configure monitoring of Check Point servers in this order:
SecureTrack and the monitored devices must be synchronized with the correct date and time, either manually or automatically. We recommend that you also configure the devices to resolve DNS queries.
To monitor the system configuration and performance of a gateway, enable Firewall OS Monitoring.
To monitor a Standby Check Point Management Server, see the Technical Note Monitoring a Standby Check Point Management Server.
To monitor a Check Point Management Server with Non-Standard LEA Authentication, see the Technical Note Monitoring a Check Point Management Server with Non-Standard LEA Authentication.
Notes for Check Point topology: