As we celebrate Thanksgiving in the United States this week, it’s common to reflect on what you’re thankful for. Here at FireMon, we are thankful for our wonderful staff, especially the Technical Support team. With seasoned members spanning the globe, they are always available for a quick question or to help resolve a larger issue you might be facing.
One issue that the Technical Support team helps with on occasion relates to Check Point retrieval and usage analysis. Jason Nowak, Senior Support Engineer and three-year FireMon veteran, provided his top do-it-yourself tips:
6 Tips for Smooth Check Point Retrieval & Usage Analysis
- Start the process off right. When entering Check Point credentials in the device setup wizard in Security Manager, make sure that you manually type in the username and password instead of copying and pasting from Check Point. The very first step in the process can be complicated if the simple but routine Ctrl+C command is used.
- Test your credentials. Make sure you can sign into your Check Point SmartDashboard using the same credentials you have entered in the Check Point device properties in Security Manager.
- Don’t forget to add FireMon. With newly added Check Point devices, the FireMon Data Collector needs to be set up as a GUI Client. The retrieval will fail if the wrong IP address is used to do the retrieval.
- Test for errors. The Telnet command can be used to determine if a port is blocked on the Check Point device. The results of this test can help you identify an easy fix.
- Certificates are needed for usage. Make sure that the OPSEC application object has been created and the SIC certificate has been uploaded into Security Manager for Check Point usage analysis to be successful.
- Install a policy to start usage matching. The policy needs to be installed on the Check Point firewall before Security Manager can begin detecting usage.
We hope you find these tips to be useful. And of course, our support team is always here to help. Contact us by calling +1 913.730.1130, or by logging into our user portal and submitting a ticket under your support agreement.