Configuring the Check Point Gateway for Port Mirroring

You can configure a mirror port for a Check Point deployment that includes a Security Management Server, a gateway, and a SmartDashboard. The mirror port duplicates the network traffic and records the activity in logs.

Use these procedures to configure a Check Point Gateway Switch for port mirroring.

Connecting the Device

To configure the device

  1. Open the VMware Security Gateway.
  2. From the command line, run

    sysconfig

  3. Select Network Connections.
  4. Select Configure Connections.
  5. Select the interface to configure as the mirror port.

    This is the one that you connected.

  6. Select Define as connected to a mirror port.
  7. Enable the Application Control blade in the SmartDashboard.

    You can also enable the IPS blade to see IPS traffic.

    Note: If you only want to enable the IPS blade, you must activate at least one HTTP protection.

  8. Install the Policy.

Verifying the Configuration

To verify the configuration

  1. Browse to any website, such as Google.
  2. Open SmartView Tracker.
  3. Verify that you see traffic from the blade you enabled.

To learn more about configuring a mirror port on a Check Point gateway, refer to the Check Point documentation on the vendor website.