ZenPack:Check Point Security Appliance
Note: This ZenPack is available in commercial versions of Zenoss. Click here to request more information about this commercial ZenPack. Click here to see all commercial ZenPacks.
- Organization
- Zenoss, Inc.
- ZenPack name
- ZenPacks.zenoss.CheckPointMonitor
Devices Monitored:
Check Point Security Appliance ZenPack
Warning
The ZenPack Catalog has moved to its new home at https://www.zenoss.com/product/zenpacks as of January 17, 2017. The following information may be out of date, and this page will eventually be removed.
Support
This ZenPack is included with commercial versions of Zenoss and enterprise support for this ZenPack is provided to Zenoss customers with an active subscription.
Releases
- Version 2.0.1- Download
- Released on 2016/09/06
- Compatible with Zenoss Resource Manager 4.1.x, Zenoss Resource Manager 4.2.x, Zenoss Resource Manager 5.0.x, Zenoss Resource Manager 5.1.x, Zenoss Resource Manager 5.x.x
Background
The ZenPacks.zenoss.CheckPointMonitor ZenPack monitors security appliances from Check Point.
With this ZenPack, you can ensure that the firewall module has a policy installed, HA is in a proper state, and that the policy server (for SecureClient) is running.
Prerequisites
Prerequisite | Restriction |
---|---|
Product | Zenoss platform 4.x |
Required ZenPacks | ZenPacks.zenoss.CheckPointMonitor |
Configuring Check Point Firewalls to Allow SNMP Queries
Configure the Check Point firewall to allow SNMP queries from Zenoss platform, and to send SNMP v1 or SNMP v2 traps to Zenoss platform.
Configuring Zenoss platform
All Check Point devices must exist under the /Devices/Network/Check Point device class.
- Navigate to the device or device class in the Zenoss platform interface.
- If applying changes to a device class:
- Select the class in the devices hierarchy.
- Click Details.
- Select Configuration Properties.
- If applying changes to a device:
- Click the device in the device list.
- Select Configuration Properties.
- If applying changes to a device class:
- Edit the appropriate configuration properties for the device or devices.
Check Point Configuration Properties Name Description zSnmpCommunity Consult with your network administrators to determine the SNMP community permitted. zSnmpMonitorIgnore This should be set to False zSnmpPort The default port is 161 zSnmpVer This should be set to v2c
- Click to save your changes. You will now be able to start collecting the Check Point firewall metrics from this device.
- Navigate to Graphs and you should see some placeholders for performance graphs. After approximately fifteen minutes you should see the graphs start to become populated with information.
Daemons
Type | Name |
---|---|
Modeler | zenmodeler |
Performance Collector | zenperfsnmp |
Installation
Normal Installation (packaged egg)
- Download the appropriate egg file for the version of Zenoss you are running.
- Ensure you are logged in as the zenoss user:
$ sudo su - zenoss
- Install the ZenPack:
$ zenpack --install ZenPacks.zenoss.CheckPointMonitor-*.egg
- Restart these services:
$ zenoss restart
Discuss
New: Don't forget to add yourself to the Zenoss User Map!