4-32
User Guide for Cisco Security MARS Local Controller
78-17020-01
Chapter 4 Configuring Firewall Devices
Check Point Devices
Step 6 Record the value defined in the DN field under Secure Internal Communication. This value is used to populate the Server Entity SIC Name field of MARS in one of Add a Check Point Primary Management Station to MARS, page 4-40, Manually Add a Child Enforcement Module or Log Server to a Check Point Primary Management Station, page 4-44, or Edit Discovered Firewall on a Check Point Primary Management Station, page 4-50.
Step 7 Click OK to close the Check Point Host dialog box.
Step 8 For each additional management or log server in this Check Point installation, select that device in the Network Objects list, and repeat Step 5 through Step 7.
Step 9 Click Close to close the Network Objects dialog box.
Step 10 Continue with Select the Access Type for LEA and CPMI Traffic, page 4-32.
Select the Access Type for LEA and CPMI Traffic
Check Point devices use special access types for configuration discovery and event log queries. For
configuration discovery, the protocol is CPMI. For event log queries, the protocol is LEA. Each of these
protocols has specific configurable attributes, including whether to use bulk encryption, what cipher to
use, and what port to use for communications.
You must understand what the supported settings are so that you can verify that the Check Point devices are
configured correctly. MARS supports only three of the available Check Point authentication modes:
• CLEAR. Indicates that the traffic is neither authenticated nor encrypted.
• SSLCA. Indicates that the communications need to be authenticated and encrypted using a symmetric key cipher