When you configure your Check Point Firewall-1 to send log data to USM Appliance, you can use the Checkpoint Firewall plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin.
Device | Details |
---|---|
Vendor | Check Point |
Device Type | Firewall |
Connection Type | Syslog |
Data Source Name | fw1-alt |
Data Source ID | 1590 |
Integrating Check Point Firewall-1
One way to send logs to USM Appliance is to install the Check Point Log Exporter, and then create a target for the USM Appliance Sensor using its IP address. Depending on your preference, see basic deployment, advanced deployment, or TLS configuration for detailed instructions from the vendor.
Note: The Checkpoint Firewall plugin accepts Syslog format. To use the Common Event Format (CEF), select the Checkpoint Firewall CEF plugin instead.
Plugin Enablement
For plugin enablement information, see Enable Plugins.