You are on page 1of 20

Authorized Distributor in Vietnam

Nguyn Nh Bng

Module 4: Monitoring

Check Point Security


Administration

Module 1: VPN
VPN--1 NGX Architecture
Module 2: Security Policy
Module 3: Network Address Translation
Module 4: Monitoring
Module 5: Disaster Recovery

Course Map

Security Administration

 Use SmartView Tracker to display information


about traffic controlled by NGX
 Use SmartView Tracker to block an intruder
connection
 Use SmartView Monitor to display information
about an NGX deployment

Objectives

Introduction

Module 3: Monitoring

Provides visual tracking, monitoring


and accounting information
Provides control over the log files
display
Allows quick access to information
Any event which causes an alert is
logged, including some system
events such as an install of a policy

SmartView Tracker

Log mode
Active mode
Audit mode

SmartView Tracker

Open
Save as
Export
Switch active file
Purge active file

the File menu allows the administrator to


perform the following tasks:

Log File Management

SmartView Tracker

 Global Properties window allows an


administrator to define systemsystem-wide logging
and alert parameters for options such as
VPN successful key exchange
VPN packet handling errors
VPN configuration and key exchange
errors etc.

System--wide logging and alerting


System

Configuring the Security Policy for


Logging

SmartView Tracker

block only this connection


block access from this source
block access to this destination

it is possible to block an active


connection using the source IP address
the scope of the blocked connection can
be

Terminating a Connection with Block


Intruder

Blocking Connections

Block Intruder

Block Intruder

Clear blocking

allows tracking of currently installed


versions of CP and OPSEC products
updating of installed CP and OPSEC
software remotely from a centralised
location
centrally managing licenses

Made up of two components


Installation Manager and License
Manager

SmartUpdate

Distributed Configuration

SmartUpdate Architecture

Check Point User Center

locate certificate key on the CD cover of


the CP CD
contact www.checkpoint.com - selecting
User Center to obtain eval or permanent
license

Obtaining Licenses

central the license is linked to the IP


number of the management server
local tied to the IP number to which the
license will be applied

License Types

NGX Licensing

SmartView Monitor

Suspicious Activity

Setting up Suspicious Activity rule

Block Suspicious Activity

Checking status in SmartView


Monitor

Gateway - Network Activity

You might also like