FortiSIEM Discussions
IsuruTharanga
New Contributor

Checkpoint OPSEC LEA Integration

Hi,

We have been trying to integrate Checkpoint Firewall logs from Smart Console via the OPSEC API. We successfully pulled the certificate from the "opsec_pull_cert" CLI tool, but we have an issue when trying to pull the certificate from the FortiSIEM GUI.

FortiSIEM 5.3.0
Checkpoint R80.10

Did anyone come across this issue before?

Regards,
Isuru
DanielHanman
Staff

Hi Isuru,

CheckPoint can be interesting to integrate with due to certificates, certificate hashing and CheckPoint architecture. 

Simple things to check:

Make sure connectivity is available to CP from FSM Super or Collectors.
Are you using SmartCenter, or is it CLM, MLM, CLA?
Check what version of CheckPoint is running.


Probably a more straightforward way to integrate is to forward events from CP in Syslog CEF format; this is supported by FortiSIEM, and CheckPoint supports this now.
IsuruTharanga

Hi Daniel,

Thanks for the update. There's no connectivity issue. We are using "Checkpoint SmartConsole" for "R80.10" Firewalls.

I will look into syslog as well.

Regards,
Isuru
IsuruTharanga

Hi Daniel,

Regarding the Syslog Forwarding... Were you referring to this kind of a scenario (https://qostechnology.in/blog/syslog-integration-with-checkpoint/) or the 'Checkpoint log exporter'?

Regards,
Isuru
DanielHanman

Try this: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
IsuruTharanga

Hi Dan,

Thanks, I will look into this.

Regards,
Isuru