Security

last person joined: yesterday 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.

  • 1.  STRM and Checkpoint SmartCenter with several FWs

    Posted 10-06-2010 09:16

    Hi Guys,

     

    I've started to deploy a STRM 5000 Series II to replace a Cisco MARS. I've connected our FW-management - Checkpoint SmartCenter - via OPSEC/LEA. The STRM successfully receives the log data from the firewalls connected to that management.

    Now I'm trying to figure out, if there's a possibility to differentiate between the firewalls instead of seeing all those events coming from the management as source. The Cisco Mars is capable of doing so. There I can see which log data came from which firewall giving me the ability to use different rules for e.g. internal or external FWs.

    Do you have some hints about how to solve that issue?

     

    Thanks alot!

     

    Greetz Roman


    #STRM


  • 2.  RE: STRM and Checkpoint SmartCenter with several FWs
    Best Answer

    Posted 10-08-2010 06:02

    Hi!

    Problem's solved...

    It was too simple. If there's anybody out there facing the same problem:

    You select the Checkpoint Smartcenter-Log Source and uncheck the field  "Use Server IP for Log Source"

    then the STRM does differentiate between the the connected FWs.

     

    Catch ya!


    #STRM


  • 3.  RE: STRM and Checkpoint SmartCenter with several FWs

    Posted 12-02-2010 09:48

    Dear all,

                   i am configure STRM5000 to receive log from checkpoint. i am doing everything form our site but finally i am getting error  "fail to pull ssl certificate"