Wednesday, October 13, 2010

Adding Checkpoint and Netscreen devices into Firemon

Adding a Checkpoint firewall into Firemon.

In Smart Dashboard:
First create an OPSEC object. Select LEA and CPM.
Select NEW next to the host box, and create a host with the IP address of Firemon.
If your vendor appliance is not listed, select Undetermined (as long as LEA and CPM are selected, everything will work).
Initiate SIC and enter a SIC password.

Additionally, the Firemon server needs to be added to the GUI clients (cpconfig or via the Provider).
In Firemon:
New> Device> Checkpoint
Select Smartcenter Environment Wizard.
Enter the Smartcenter IP and provide credentials for a user with at least Read Only access.
Click Connect and enter the SIC password when prompted.
If a separate log server (MLM) is used, it will automatically be added along with all devices managed by that Smartcenter server.

If a separate log server is used, go into the properties of that log server and change the authentication method to clear.

Adding a Netscreen to Firemon
Point your syslog stream to Firemon
ssg1-> set syslog config ""
ssg1-> set syslog config "10.16.70" facilities local0 local0
ssg1-> set syslog config "" log traffic

In Firemon:
Right click on the device group and select New Device
Select ScreenOS
Provide the name, IP and credentials
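
An added example, not part of the original post: a Python check over saved ScreenOS configuration text that confirms the syslog commands shown earlier are in place for the collector before the device is added in Firemon. The address 192.0.2.10 and the sample config are constructed, and the `set syslog enable` check covers a ScreenOS setting that the post's steps do not list.

```python
import re
import shlex

# Constructed sample; 192.0.2.10 is a placeholder collector address.
SAMPLE_CONFIG = '''\
set syslog config "192.0.2.10"
set syslog config "192.0.2.10" facilities local0 local0
set syslog config "192.0.2.10" log traffic
set syslog enable
'''

PROMPT = re.compile(r'^\S+->\s*')  # leading CLI prompt such as "ssg1-> "

def audit_syslog(config_text, collector):
    """Return a list of findings; an empty list means every check passed."""
    host = facilities = traffic = enabled = False
    empty_host = 0
    for raw in config_text.splitlines():
        line = PROMPT.sub('', raw.strip())
        try:
            tok = shlex.split(line)
        except ValueError:  # unbalanced quote, cannot be judged
            continue
        if tok[:2] != ['set', 'syslog']:
            continue
        if tok[2:] == ['enable']:  # not one of the post's steps
            enabled = True
        elif len(tok) >= 4 and tok[2] == 'config':
            if tok[3] == '':
                empty_host += 1  # host string lost, as in `config ""`
            elif tok[3] == collector:
                host = True
                rest = tok[4:]
                if rest[:1] == ['facilities'] and len(rest) == 3:
                    facilities = True
                elif rest == ['log', 'traffic']:
                    traffic = True
    findings = []
    if not host:
        findings.append('no syslog config entry for ' + collector)
    if host and not facilities:
        findings.append('facilities not set')
    if host and not traffic:
        findings.append('traffic log forwarding not set')
    if not enabled:
        findings.append('syslog not enabled')
    if empty_host:
        findings.append('%d line(s) with empty host' % empty_host)
    return findings
```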

