GFI
English Deutsch Français Italiano Nederlands Español
Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Member List  Search  FAQ  Ticket List  Log Out

 

How to collect Checkpoint Firewall log

  		Logged in as: Guest
Users viewing this topic: none
  Printable Version
All Forums >> [Network Security] >> GFI EventsManager >> How to collect Checkpoint Firewall log Page: [1]
Login
Message << Older Topic   Newer Topic >>
How to collect Checkpoint Firewall log - 8.Apr.2008 10:24:40 PM   
nmm

 

Posts: 8
Score: 0
Joined: 8.Apr.2008
Status: offline 		Who has been exprerience to collect  log from Checkpoint Firewall. we are try to collect log from Checkpoint by follow GFI installation step by step (syslog) and config firewall port 514 so everything it's correct, but GFI Server can not get any log from Checkpoint.  Checkpoint engineer, they told  GFI should have OPSEC™ Certificate from Checkpoint so after that we need to configure Checkpoint Firewall’s to support log import from most versions and log extraction API (LEA) and establish connections and retrieve logs from Checkpoint Firewall.
            How we could get the Checkpoint Firewall OPSEC™ for GFI Eventmanager (Checkpoint Firewall is one in GFI Eventmanager Application & Device list support). Incase do you have it, please provide the step of configuration.
Post #: 1
RE: How to collect Checkpoint Firewall log - 10.Apr.2008 6:30:13 AM   
Sven Berger

 

Posts: 184
Score: 0
Joined: 25.Feb.2008
Status: offline 		Hi nmm,

I am slightly confused. Does the Checkpoint device have Logs stored locally that Eventsmanager would need to collect from the machine or does the Checkpoint Device send out syslog messages that EVM would simply need to capture?

If the latter is the case, then I don't see why EVM would have to be Opsec Compliance as the syslog follow an already existing standard. Or are the Ceckpoint Syslogs proprietary?

_____________________________

Sven Berger
GFI Software - www.gfi.com
Messaging, Content Security & Network Security Software

(in reply to nmm)
Post #: 2
RE: How to collect Checkpoint Firewall log - 15.Apr.2008 8:48:41 AM   
jwalzer

 

Posts: 48
Score: 0
Joined: 24.Jan.2007
Status: offline 		Checkpoint logs are proprietary

(in reply to Sven Berger)
Post #: 3
RE: How to collect Checkpoint Firewall log - 15.Apr.2008 9:45:37 AM   
Sven Berger

 

Posts: 184
Score: 0
Joined: 25.Feb.2008
Status: offline 		thanks for clearing this up jwalzer.

i have made a feature request to get this functionality into a future version of EVM (9?). Checkpoint is certainly popular enough to have a serious look at the possibility of collecting these logs.

_____________________________

Sven Berger
GFI Software - www.gfi.com
Messaging, Content Security & Network Security Software

(in reply to jwalzer)
Post #: 4
RE: How to collect Checkpoint Firewall log - 18.Apr.2008 12:30:53 AM   
nmm

 

Posts: 8
Score: 0
Joined: 8.Apr.2008
Status: offline 		In the moment! how can I work around to get log from Checkpoint, Do you have any suggestion?

(in reply to nmm)
Post #: 5
Page:   [1]
All Forums >> [Network Security] >> GFI EventsManager >> How to collect Checkpoint Firewall log Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


   © 2008. All rights reserved. GFI Software Home Products Download Trials Support Ordering Site Map About Us Contact us
GFI solutions: Exchange anti spam filter - exchange anti virus - isa server - network vulnerability scanner - event log management - USB security software - exchange archiving - fax server software