Table of Contents
Advertisement
Check Point Devices
Step 6
Record the value defined in the DN field under Secure Internal Communication.
This value is used to populate the Server Entity SIC Name field of MARS in either
Primary Management Station to MARS, page
Server to a Check Point Primary Management Station, page
Check Point Primary Management Station, page
Click OK to close the Check Point Host dialog box.
Step 7
For each additional management or log server in this Check Point installation, select that device in the
Step 8
Network Objects list, and repeat
Click Close to close the Network Objects dialog box.
Step 9
Step 10
Continue with
Select the Access Type for LEA and CPMI Traffic
Check Point devices use special access types for configuration discovery and event log queries. For
configuration discovery, the protocol is CPMI. For event log queries, the protocol is LEA. Each of these
protocols has specific configurable attributes, including whether to use bulk encryption, what cipher to
use, and what port to use for communications.
You must understand what the supported settings are so that you can verify the Check Point devices are
configured correctly. MARS supports only three of the available Check Point authentication mode:
•
•
User Guide for Cisco Security MARS Local Controller
4-32
Select the Access Type for LEA and CPMI Traffic, page
CLEAR. Indicates that the traffic is neither authenticated nor encrypted.
SSLCA. Indicates that the communications need to be authenticated and encrypted using an
symmetric key cipher
4-40,
Manually Add a Child Enforcement Module or Log
4-50.
Step 5
through
Step
7.
Chapter 4
Configuring Firewall Devices
Add a Check Point
4-44, or
Edit Discovered Firewall on a
4-32.
78-17020-01
Advertisement
Table of Contents
Troubleshooting
