Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SSIM to be integrated with checkpoint r75 or gaia

Created: 18 Dec 2012 | 4 comments

I want to integrate or install a SIM agent on checkpoint r75 or splat OS.

so is there a agent available for it.

Comments 4 CommentsJump to latest comment

maximb@netcom.co.il's picture

You should use LEA collector 4.4 and after installation run LiveUpdate. After that this collector can collect events from r75 and gaia.

Mike Buckley's picture

The Check Point collector works just fine with R75, and SPLAT is just Linux so you can output to a SSIM syslog collector if you want OS stuff as well.

Not done much with Gaia apart from a couple of basic installs but it's Linux as well so syslog.

 

You can't install an agent so you'll need another server for that if you definitely want to run off box (or if 4.8 you have no choice)

atul557's picture

Can someone provide me steps to integrate ssim with R75 or gaia?

Avkash K's picture

Hi Atul,

It depends on your collector installation.

 

  • A local collector resides on the LEA server.
  • A remote collector does not reside on the LEA server.
  • In a distributed collector installation, the Check Point FireWall-1 gateway,

    Check Point Management Server, and Check Point Log Server reside on separate machines, and the collector may reside either on the log server machine, or another machine altogether.

 

Depending on all this :

  • For a remote installation, specify sslca in this

    field.

  • For sslca, both client and server must provide

    certificates that are created and signed by a trusted certificate authority.

  • For a local installation, specify local in this

    field.

  • For a distributed installation, specify local in

    this field.

 

Please refer below links for your reference:

http://www.symantec.com/docs/TECH180284

 

Hope that will help you!

Regards,

Avkash K