ZenPack:Check Point Security Appliance

From Zenoss Wiki
This is the approved revision of this page, as well as being the most recent.
Jump to: navigation, search


Note: This ZenPack is available in commercial versions of Zenoss. Click here to request more information about this commercial ZenPack. Click here to see all commercial ZenPacks.

Organization
Zenoss, Inc.
ZenPack name
ZenPacks.zenoss.CheckPointMonitor

Devices Monitored:



Check Point Security Appliance ZenPack

This ZenPack monitors Check Point Security Appliances.

Warning

The ZenPack Catalog has moved to its new home at https://www.zenoss.com/product/zenpacks as of January 17, 2017. The following information may be out of date, and this page will eventually be removed.

Support

This ZenPack is included with commercial versions of Zenoss and enterprise support for this ZenPack is provided to Zenoss customers with an active subscription.

Releases

Version 2.0.1- Download
Released on 2016/09/06
Compatible with Zenoss Resource Manager 4.1.x, Zenoss Resource Manager 4.2.x, Zenoss Resource Manager 5.0.x, Zenoss Resource Manager 5.1.x, Zenoss Resource Manager 5.x.x

Background

The ZenPacks.zenoss.CheckPointMonitor ZenPack monitors security appliances from Check Point.


With this ZenPack, you can ensure that the firewall module has a policy installed, HA is in a proper state, and that the policy server (for SecureClient) is running.


Prerequisites

Prerequisite Restriction
Product Zenoss platform 4.x
Required ZenPacks ZenPacks.zenoss.CheckPointMonitor


Configuring Check Point Firewalls to Allow SNMP Queries

Configure the Check Point firewall to allow SNMP queries from Zenoss platform, and to send SNMP v1 or SNMP v2 traps to Zenoss platform.


Configuring Zenoss platform

All Check Point devices must exist under the /Devices/Network/Check Point device class.


  1. Navigate to the device or device class in the Zenoss platform interface.
    • If applying changes to a device class:
      1. Select the class in the devices hierarchy.
      2. Click Details.
      3. Select Configuration Properties.
    • If applying changes to a device:
      1. Click the device in the device list.
      2. Select Configuration Properties.
  2. Edit the appropriate configuration properties for the device or devices.
    Check Point Configuration Properties
    Name Description
    zSnmpCommunity Consult with your network administrators to determine the SNMP community permitted.
    zSnmpMonitorIgnore This should be set to False
    zSnmpPort The default port is 161
    zSnmpVer This should be set to v2c


  3. Click Save to save your changes. You will now be able to start collecting the Check Point firewall metrics from this device.
  4. Navigate to Graphs and you should see some placeholders for performance graphs. After approximately fifteen minutes you should see the graphs start to become populated with information.


Daemons

Type Name
Modeler zenmodeler
Performance Collector zenperfsnmp

Installation

Normal Installation (packaged egg)

  1. Download the appropriate egg file for the version of Zenoss you are running.
  2. Ensure you are logged in as the zenoss user:
    $ sudo su - zenoss
  3. Install the ZenPack:
    $ zenpack --install ZenPacks.zenoss.CheckPointMonitor-*.egg
  4. Restart these services:
    $ zenoss restart


Discuss

Purplemarker.png New: Don't forget to add yourself to the Zenoss User Map!

blog comments powered by Disqus