Offline Analysis

You can manually upload policy configurations to SecureTrack, for offline analysis, auditing, and compliance. All SecureTrack features that don't require real-time monitoring or usage analysis are available.

This has two main uses:

  • Offline monitoring: When there can be no connectivity between SecureTrack and the actual firewalls and management servers, you can periodically export the firewall policy from the device as a file, and then import the file into SecureTrack. Each time you import an updated file, SecureTrack records a policy revision.

  • What If analysis (non-Check Point only): You can edit a firewall policy in text format, and then upload it to SecureTrack to analyze its effects, without having to actually deploy it on a device.

Offline Analysis needs to be enabled for the specific device. To record a policy revision, first obtain a policy configuration file from the device and then upload it to SecureTrack.

Offline Analysis is supported for all devices that can be monitored by SecureTrack, except for Check Point MDS (log server and CLM) and Palo Alto Panorama devices.
Offline Analysis is not supported for child-level devices (that is, devices managed by other devices).

When using Offline Analysis, these features are NOT available:

All Devices

Check Point Devices

  • Real time alerts for revisions and compliance policies
  • Accountability
  • Rule and object usage
  • Dynamic routes considered for topology (topology based only on static routes)
  • Performance alerts
  • Topology