Offline Analysis

For Check Point devices, only R77 supported Offline Analysis. These devices are in limited support and will reach end of support in R25–2. For details, see Announcements.

You can manually upload policy configurations to SecureTrack for offline analysis, auditing, and compliance. All SecureTrack features that do not require real-time monitoring or usage analysis are available.

Its main use is offline monitoring. When SecureTrack cannot connect to the firewalls, you can export the firewall policy from the device and import the file into SecureTrack. Each time you import an updated file, SecureTrack records a policy revision.

Enable Offline Analysis for the specific device. To record a policy revision, first obtain a policy configuration file from the device and then upload it to SecureTrack.

Supported: SecureTrack supports Offline Analysis for all standalone (non-management) devices.

Not Supported: Offline Analysis is not supported for child-level devices (devices managed by other devices). Additionally, it is not supported when a device is configured for high availability.

When using Offline Analysis, these TOS features are NOT available:

  • Real time alerts for revisions and compliance policies
  • Accountability
  • Rule and object usage
  • Dynamic routes considered for topology (topology based only on static routes)