SolutionPack for Check Point Firewall Summary Sheet – Service Assurance Suite 9.4
Table of Contents
Overview
Learn how to install and configure the SolutionPack for Check Point Firewall. This SolutionPack provides unified monitoring of all the Check Point devices distributed in a network with firewall capabilities. It collects and interprets data across multiple Check Point devices, and performs resource grouping and mathematical calculations to generate performance information.
- Verify the traffic accept by the firewall and check how many packets are dropped by the firewall.
- See the number of connections over time.
- Monitor the Check Point routers in real-time and pro-actively, so you optimize your services availability.
- Understand your devices activity, to know which Check Point device has the most traffic by application, for example when devices reach peak loads.
Technical specifications
SolutionPack version
1.0
Compatible EMC M&R version
6.5u1 and later
Data collection method
SNMP collector
Supported MIBs
CHECKPOINT-MIB.mib
RFC1213-MIB.mib
Supported devices
Check Point 2200 appliances
Check Point 4000 appliances
Check Point Firewall-1
Main reports
- Session Failure %
- Shows a Session Failure graph over a period of time for each polled firewall.
- Firewall CPU Usage %
- Shows a CPU Usage graph over a period of time for each polled firewall.
- Firewall with Most Connections
- Provides a TopN Firewall graph showing a firewall with the highest number of connections over a selected time period.
- Firewall Summary
- Provides summaries of the Availability %, CPU Usage %, Session Load %, and Number of Connections of firewall devices.
- Inventory
- Displays the inventory (count only) of the Cisco Firewall network.
- Performance Scorecard
- Reports on firewall hardware availability for memory, CPU, interface, units, disk, and power.
- Situations to Watch
- Displays critical and major interface errors, such as half open connections and session bottlenecks, for each polled firewall.
Where to find the latest SolutionPack software
Install the latest core software update for your product suite. SolutionPacks distributed with core software have a 30-day free evaluation period. If you plan to use the software longer than 30 days, you must install a SolutionPack license before the trial period ends.
This 30-day free evaluation only applies to new installations and is not available for upgraded installations. If you upgrade the core software and want to try a new SolutionPack, you must request a license for that SolutionPack by completing a Support Request (SR) form, which is available on the EMC Online Support website at http://support.emc.com.
Back to TopInstalling a SolutionPack
After you log in as an administrator, you can install a SolutionPack from Centralized Management.
Before you begin
- Determine whether you need a SolutionPack license file by checking the feature names and expiration dates listed in http://support.emc.com. . If not listed, obtain a license by completing a Support Request (SR) form, which is available on the EMC Online Support website at
- Make sure the core modules, such as the Module-Manager, are up-to-date on all servers since not all module dependencies are validated during the SolutionPack installation. See the EMC M&R (Watch4net) Installation and Configuration Guide for more information.
- Make sure you know the name, IP address, SNMP port, and the community string of the firewall device.
- Verify the firewall is configured to allow network access to the SNMP port.
Procedure
- Log in to the EMC M&R platform with your user name and password.
- Select Administration.
- Select Centralized Management.
- Select SOLUTIONPACK CENTER.
- Select the SolutionPack in the Browse and Install SolutionPacks screen.
- Read the summary information and click Install.
- Select the components to install.
- Type the instance name.
- Select the server in one or more list boxes. For example, select the server in the Data collection and Reports list boxes.
- Click Next.
- For each list box you select, a screen appears.
- Click Next after you complete each screen.
- Click Install after you complete the last screen.
The installation process begins. - Select the maximize arrow next to each component to view the installation process.
When the installation successfully completes, green checkmarks appear.
- After the installation is complete, select SolutionPack. to verify the installed
Configuring SNMP device discovery
An SNMP collector discovers the capabilities that you configure for a device. You can use a seed file to import a list of device definitions or manually add and configure devices.
Procedure
- Navigate to Administration in the EMC M&R platform.
- Click
.
A Dashboard appears where you add new SNMP collectors and devices as well as add devices to existing SNMP collectors.
- To add an SNMP collector, click
.
- Specify the required information for the SNMP collector.
- Under Import Options, select all options except Lock collector current capabilities.
- Click Save.
- To upload a seed file, click
.
For information about defining a seed file, click Documentation on SNMP Device Discovery – EMC M&R.
- Type the main parameters and click Save.
- Under the Seed File tab, click Upload new definition seed file.
- Navigate to the seed file and click Ok.
- Click Save.
- To manually add devices, click
.
- On the
New Device window, click each tab and type the required information for the device.
On the Main parameters tab, make sure you specify Firewall for Device Type.
- Click Save on each tab.
- On the
New Device window, click each tab and type the required information for the device.
- Select the device that you just added and click the Approve action, which is the checkmark.
- On the
Dashboard, do the following:
- Click Import devices from all enabled device sources.
- Click Discover capabilities from all approved devices.
- Click Distribute all approved devices with capabilities on all enabled collectors.
- Click
Send the generated configurations on all available collectors.
Green indicators appear on the Dashboard after successful executions of the above functions.
Confirming report creation
After you install a SolutionPack, you can view its reports.
To view the reports:
Procedure
- Go to .
- Click the SolutionPack to view its reports.
Results
Troubleshooting
Report display problems
What to do if data does not appear in any reports
Procedure
- After the completion of at least three collection cycles, verify if data is populating into the reports. If there is still no data in the reports, continue to the next step.
- Run the scheduled task to import data into reports. If there is still no data in the reports, continue to the next step.
- To view the log files for errors, go to Centralized Management and click .
Running a scheduled task to import data into reports
After you push a new configuration into a collector, a scheduled task runs and populates the reports with new data. You can manually run the scheduled task to import the data more quickly.
Before you begin
Allow at least three polling cycles to pass before manually running the scheduled task.
Procedure
- Click Administration.
- Click Centralized Management.
- Expand Scheduled Tasks.
- Click Database.
- Select the import-properties-Default task.
- Click Run Now.
- Confirm success in running the task in the Last Result and Last Result Time columns.
What to do if data does not appear in some reports
Procedure
- Run the scheduled task to import data into reports. If there is still no data in the reports, continue to step 2.
- Search for the metric in the database.
- To view the log files for errors, go to Centralized Management and click .
Searching for metrics in the database
You can verify that a metric is being collected and used for reporting when you search and find the metric in the database.
Procedure
- Go to the Administration page.
- Under Modules, click Management of Database Modules.
- On the
Metric Selection page, create the filter, type the number of results, and select the properties to display for the metric.
For example, to list up to 100 results of the SignalWait Time metric with the properties of device and IP, type name=='SignalWaitTime' in the Filter field, 100 in the Maximum results field, and select device and IP for the Properties to show.
- Click
Query.A list of the metric results appears. If nothing displays, the metric is not being collected.
Viewing collector errors in the Collector-Manager log files
Review the Collector-Manager log files to troubleshoot problems with data collection.
Procedure
- Click Administration.
- Click Centralized Management.
- Expand Collecting.
- Click the Collector-Manager for your collector instance.
Collector-Manager::<Collector-Manager instance> - <physical_host_ID>
- Expand Log Files and click the View File icon to review the configuration error messages.