The Check Point Monitoring Software Blade presents a complete picture of network and security performance, enabling fast responses to changes in traffic patterns or security events. The Software Blade centrally monitors Check Point devices and alerts to changes to gateways, endpoints, tunnels, remote users and security activities.

Benefits

Comprehensive network security monitoring for faster response to threats
  • Real-time information on Check Point products
  • Monitor connectivity between gateways and remote user traffic
  • Cooperative Enforcement® verifies connections from internal and remote hosts
Simplified network security management for maximum efficiencies
  • Single management console with predefined and customizable interfaces
  • Detailed or summary graphs and charts for analysis of traffic patterns
  • Automatically modify access privileges upon detection of suspicious activity
Integrated into Check Point Software Blade Architecture
  • Activate network security monitoring on any Check Point Security Management server
  • Supported on Check Point Appliances and open servers

Features

The Monitoring Software Blade provides real-time information on Check Point gateways in the organization. Custom and predefined queries enable administrators to view in-depth information, such as system data, network activity, policy and license status about specific gateways.

The Monitoring Software Blade also delivers a comprehensive view of network usage. It can generate detailed or summary graphs and charts for analysis of network traffic patterns, audit and estimate costs of network use, identify departments and users that generate the most traffic, and detect and monitor suspicious activity.

The Monitoring Software Blade integrates the Check Point suspicious activity monitoring protocol for modifying access privileges upon detection of any suspicious network activity, such as attempts to gain unauthorized access. Alerts can also be automatically sent to administrators for certain predefined system events such as when free disk space is below an acceptable threshold or if a security policy has been changed. These alerts point to potential system security threats and provide information to assist in avoiding, minimizing or recovering from damage.

The Monitoring Software Blade enables system administrators to monitor connectivity between gateways. Permanent tunnels can be set up between Check Point gateways where uninterrupted connectivity is critical to the organization’s business. By constantly monitoring the status of VPN tunnels, including inbound and outbound tunnel traffic, the Monitoring Software Blade enables administrators to track normal tunnel function so that malfunctions and connectivity problems can be quickly accessed and resolved.

The monitoring of remote users offers valuable information for identifying and troubleshooting remote connectivity issues. The Monitoring Software Blade provides comprehensive information on various aspects of remote user traffic, such as current open sessions, overlapping sessions, route traffic and connection time.

The Cooperative Enforcement monitoring feature utilizes the endpoint security server compliance capability to verify connections arriving from internal and remote hosts across the network. The logs generated for authorized and unauthorized hosts can be monitored via the Monitoring Software Blade.

Using custom or predefined queries, administrators can drill down on a specific segment of traffic or specific gateways to isolate factors that may be affecting network performance. Multiple views can be displayed within the same window and viewed side-by-side to enable easy diagnoses of traffic or security problems.

The Monitoring Software Blade is part of Check Point Security Management solutions, a suite of powerful applications for centrally configuring, managing and monitoring Check Point perimeter, internal, Web and endpoint security gateways. This integration results in reduced complexity and lowers total cost of ownership.

The Monitoring Software Blade is integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point Appliances or open server platforms, saving time and reducing costs by leveraging existing security infrastructure.

Full integration into the modular Software Blade Architecture allows for rapid and easy activation on any Check Point Security Management server.

Specifications

Feature | Details
Secure status updates of remote modules | Via Check Point OPSEC APIs like AMON
Customizable system overview | Including:
  • Customize by gateway
  • Overall status
  • Average CPU
  • Memory
  • Disk free %
System information | OS, CPU, memory, hard disk free %, and network activity
Product status information | Including:
  • Firewall
  • VPN
  • ClusterXL
  • Antivirus
Customizable threshold settings | Set actions globally or per gateway for when a threshold is met, e.g. when a remote gateway fails
Customizable actions | Log, alert, email, SNMP trap, and user-defined
Customizable reporting | Gateways, traffic, counters, tunnels, and remote users
Reset users and tunnels | Control user activity
Apply dynamic enforcement rule | Per gateway, source, destination, and service
ClusterXL member control | Start and stop the ClusterXL processes