Supported Devices and Platforms

The listings below are applicable to the latest hotfix available for this release.

You can configure SecureTrack to monitor and analyze these devices:

Amazon AWS

Amazon AWS EC2

Arista

CVP

CloudVision as a service and on-prem Cloud Vision

EOS

4.29.4M

Check Point

Any gateway that is connected to these devices:

Domains (CMA and SmartCenter)

R82 (with Check Point API version 1.8)

R81.20

R81.10 (with Check Point API version 1.8)

R81 GA (with Check Point API version 1.7)

R81 (with Check Point API version 1.7)

R80.40 (with Check Point API versions 1.5 and 1.6)

R80.30 (with Check Point API versions 1.4 and 1.5)

R80.20 (with Check Point API versions 1.1 and 1.4)

R80.10 Jumbo Hotfix T70 and above

R80

Multi-Domain Security Management (MDS , Provider-1)

R82 (with Check Point API version 1.8)

R81.20

R81.10 (with Check Point API version 1.8)

R81 GA (with Check Point API version 1.7)

R81 (with Check Point API version 1.7)

R80.40 (with Check Point API versions 1.5 and 1.6)

R80.30 (with Check Point API versions 1.4 and 1.5)

R80.20 (with Check Point API versions 1.1 and 1.4)

R80.10 Jumbo Hotfix T70 and above

R80

Smart-1 Cloud

All Gateways

VSX

Edge Devices

VPN-1 VSX Virtual Edition (VE) Edge

Check Point CloudGuard integration with Azure, Amazon AWS, Cisco ACI, and VMware NSX

Cisco

Application Centric Infrastructure (ACI) - Cisco Application Policy
Infrastructure Controller (APIC)

6.0

5.2

5.1

4.2

4.0

ASA

9.18

9.13 (from version 8.3 includes forward reference support and Virtual Contexts)

9.2- 9.9

9.1

FWSM

5 (including Virtual Contexts)

4

FWSM devices are supported, but not shown in the Rule Viewer

ASR9000/CRS

7.5.1

Nexus

switch Nexus 1000v versions 4.2 and 5.1

6.2.1

7.0

8.1

Switches and Routers

IOS

12.1

12.2(44)se5

15.1(4)m2

IOS XE

17.3

IOS-XE SD-WAN (Viptela cEdge)

17.03.04

16.12.05

IOS XR

7.5.x

Firewall Management Center (FMC) (formerly Firepower)

7.6.x

7.5.x

7.4.x

7.3.x

7.2.x

7.0.x

6.3 - 6.7

• Firewall Threat Defense is supported via Firewall Management Center

Meraki Dashboard

Meraki Dashboard API 1.28.0 is fully supported.

MX Firewall

Z-series (Teleworker gateway) Firewall

F5

F5 devices are supported, but not shown in the Rule Viewer

BIG-IP Local Traffic Manager

17.0.x

16.1.x

15.1(iApps are not supported for all versions)

14.1

13.1

BIG-IP Local Traffic Manager

9.4.2 and above (Supported with preinstalled TOP plugin only)

Forcepoint (formerly Stonesoft)

Sidewinder (formerly Firewall Enterprise)

8.3

SMC

7.1.1 (Supports API versions 6.10)

7.1 (Supports API versions 6.10 and 7.0)

7.0 (SMC 7.0 and above supports API version 7.0)

6.10

6.9 (SMC 6.9 and above supports API version 6.8)

6.8

6.7

6.5

6.4 (SMC 6.4 through 6.8 supports API version 6.4 and 6.5)

6.3

6.1

5.10 (SMC 5.10 through SMC 6.3 supports API version 5.10 )

5.6 - 5.9

Fortinet

Only profile-based NGFW mode is supported for Fortigate and FortiManager devices.

FortiGate

7.4.x (Fortinet Manager required for IPv6 support)

7.2.x (Fortinet Manager required for IPv6 support)

7.0.x (Fortinet Manager required for IPv6 support)

6.4.x

6.2

6.0.x

5.6.x

FortiManager

7.6.x

7.4.x

7.2.x

7.0.x

6.4.x

6.2.x

6.0.x

6.0.x

5.6.x

5.4.x

5.2.x

5.0.x

Google Cloud

GCP Project

GCP Projects and GCP VPCs are supported.

Huawei

Huawei Router

CloudEngine (CE) Series, NetEngine (NE) Series, and S-Series are supported.

V600R024C10

Huawei Firewall

USG and Eudemon Series are supported

V600R023C10

Juniper

NetScreen

SSG 6.3

ISG 6.3 (All versions include Virtual Systems)

SRX

22-1R1 (Syslog configuration required for Logical Systems)

21.2R3

20.4R3

19.4 (All versions include Logical Systems)

19.4 (All versions include Logical Systems)

15.1

12.3x48

12.1

10.4

M/MX

19.4 R3-S1.3

16.1 R4 (All versions support stateful policies, they do not support stateless filters)

13.3 R10.2

12.3

Microsoft Azure

Both Azure Public Cloud and Azure Government are supported.

Azure Resource Manager

Azure Resource Manager is supported, but not shown in the Rule Viewer

Azure Firewall Standard

Azure Firewall Premium

Palo Alto Networks

Panorama devices and PanOS firewalls

11.2.x

11.1.x

11.0.x

10.2.x

10.1.x

10.0.x

9.1.x

9.0.x (includes NSX-v support for SecureTrack)

8.1.x

Panorama Basic devices are supported, but not shown in the Rule Viewer

Prisma Access (managed by Panorama)

Symantec (formerly Blue Coat)

SGOS

5.3.2.1

6.7.1.1 (Supported with preinstalled TOP plugin only)

Proxy AV/SG

400 (Supported with custom TOP plugin only)

Blue Coat support will not be affected after R25-1/R25-2 when new vendors cannot be added using TOP plugins (see Removed Features).

Versa Networks

SD-WAN Director

22.1.X (Supported from version 22.X and above only)

VMware

VMware NSX-V

6.4.9

6.4.6

6.4.4

6.4.0

VMware NSX-T and VMC

4.1 (Change accountability supported)

4.0 (Change accountability is not supported)

3.2.x

3.1

3.0

Notes for VMware NSX-T

• When you upgrade to R23-2 and later, TOS updates certain APIs which don't align with VMware's current best practices for NSX-T devices. If imported logical routers are disconnected at the time of the upgrade, TOS will not be able to replace the old deprecated APIs with the new ones. If this occurs, the imported logical routers will appear in the Manage Devices page with the text "Unavailable." TOS will not be able to receive revisions from unavailable logical routers. If this occurs, check your device connectivity and reconnect if necessary. TOS will try to reach the device every day for 14 days. If the device is still unavailable after 14 days, please contact Tufin Support.

vCenter

7.0

6.5

NSX-T on Azure VMware Solution

4.11

Zscaler

Internet Access (ZIA) Cloud Firewall