SSIM & Checkpoint
Can anyone help to confirm the following setup for Checkpoint FW1 is adequate:
1. The Checkpoint FW1 hardware is a Nokia box.
2. This Nokia box is managed by a separate Windows based management console.
3. I am using the on-appliance Checkpoint collector on the SSIM server, and set up the management console as according to Page 16 with header "To configure Check Point FireWall-1 for a remote collector installation".
The setup is completed, however, the sensor started and stopped, and there are no logs coming in.
Questions
1. Is the above process correct for such setup?
2. I am using the on-box collector for Checkpoint FW1, can this be supported? Or is it mandatory that the agent and collector MUST be installed on the management console?
Comments 2 Comments • Jump to latest comment
Please, check your collector's logs. Are there any ERROR or WARN messages?
The process you described seems to be correct and, yes, CheckPoint collector supports on-box installation. So, the only way to know why it doesn't work - to examine logs - they should point at the reason. Logs are located here: /opt/Symantec/sesa/Agent/logs/
-Tatyana
Lots of checkpoint issues are due to the initial certificate not downloaded by collector.
Cert are located in this folder, /opt/Symantec/sesa/Agent/collectors/checkpoint/certs/ip_address
Make sure it is there.
Would you like to reply?
Login or Register to post your comment.