AlienVault® USM Anywhere™

Configuring the AlienApp for Check Point

Role Availability Read-Only Analyst Manager

AlienApp for Check Point Requirements

Before you can begin configuration, you must have the following information from your Check Point instance

  • IP address or hostname
  • Port
  • Username and password
  • Optional: Certificate Authority (CA) Certificate

Check Point Configurations

You need to have the API configured to automatically start in order for USM Anywhere to communicate with the API. You should also allow API calls from all IP addresses. You also need a user account with read and write user permissions

To setup your Check Point API

  1. Log in to the Check Point SmartConsole.
  2. Go to Manage & Settings > Blades > Management API and click the Advanced Settings button.
  3. Under Startup Settings, select the Automatic Start checkbox.
  4. Under Access Settings, select All IP addresses.

    Check Point API options

  5. Click OK.

To make sure your account has read and write permissions

  1. Log in to the Check Point SmartConsole.
  2. Go to Manage & Settings > Permissions and Administrators.
  3. Double click on your account.
  4. Under Permissions, click the Permissions Profile box and select Read Write All.
  5. Click OK.

To enable the AlienApp for Check Point

  1. In USM Anywhere, go to Data Sources > Integrations.
  2. Click the AlienApps tab.

    Available Apps tab

  3. Click the Check Point tile.

  4. Click the Settings tab.
  5. Enter the following items:

    • IP address or hostname
    • Port
    • Username
    • Password
  6. Optionally, Check Validate HTTPS host name and Require CA certificate and enter the CA certificate if you want to use this option.

    Note: If you want to deploy into your network and use a self-signed CA certificate, then you will need to upload it here. The certificate can by found in the /web/conf/server.crt file path.

  7. Click Save .