https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37581#M3587 <HTML><HEAD></HEAD><BODY><P>Hello Guys</P><P>These is one idea for monitoring your "VPC Security" deployed with CloudGuard devices, use "AWS CloudWatch". Its very simply.</P><P>cloudguard&nbsp;vsec aws&nbsp;</P><P></P><P><IMG class="image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/64454_pastedImage_1.png" style="width: 620px; height: 341px;" /></P></BODY></HTML> Tue, 10 Apr 2018 12:37:10 GMT Luciano_Miguel 2018-04-10T12:37:10Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37581#M3587 <HTML><HEAD></HEAD><BODY><P>Hello Guys</P><P>These is one idea for monitoring your "VPC Security" deployed with CloudGuard devices, use "AWS CloudWatch". Its very simply.</P><P>cloudguard&nbsp;vsec aws&nbsp;</P><P></P><P><IMG class="image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/64454_pastedImage_1.png" style="width: 620px; height: 341px;" /></P></BODY></HTML> Tue, 10 Apr 2018 12:37:10 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37581#M3587 Luciano_Miguel 2018-04-10T12:37:10Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37582#M3588 <HTML><HEAD></HEAD><BODY><P>Luciano,</P><P></P><P>Would you mind showing the configuration steps that you've had to go through in order to implement this?</P><P></P><P>There was another discussion earlier regarding logging to CloudWatch:&nbsp;<A _jive_internal="true" class="link-titled" href="https://community.checkpoint.com/message/16943-re-log-exporter-guide?commentID=16943#comment-16943" title="https://community.checkpoint.com/message/16943-re-log-exporter-guide?commentID=16943#comment-16943">https://community.checkpoint.com/message/16943-re-log-exporter-guide?commentID=16943#comment-16943</A>&nbsp;</P><P>I am interested to know what other metrics it is possible to collect and process without parsing the logs from the CloudGuard.</P><P></P><P>Thank you,</P><P>Vladimir</P></BODY></HTML> Tue, 10 Apr 2018 14:10:02 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37582#M3588 Vladimir 2018-04-10T14:10:02Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37583#M3589 <HTML><HEAD></HEAD><BODY><P>Vladimir sure , I used the vpn metrics available in cloud watch , and CPU of ec2 CloudGuard instances .</P><P>These environment have two vpcs Transit and Security with Vpn connection on both sides , see picture . And another vpcs behind the security vpc.</P><P>From these dashboard we can see vpn status, CloudGuard health and tunnels traffic .</P></BODY></HTML> Tue, 10 Apr 2018 15:27:17 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37583#M3589 Luciano_Miguel 2018-04-10T15:27:17Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37584#M3590 <HTML><HEAD></HEAD><BODY><P>Luciano,</P><P>Thank you for replying.</P><P>When you are saying "see picture", are you you referring to the original metrics screen or were you planning to include a sketch of a diagram?</P><P>Also, please let me know if the "vpn metric available in cloudwatch" requires VPC flow configured to recognize the VPN traffic, or is it capable of doing it naively.</P><P>I suspect that the cloudwatch can recognize the VPN traffic, but it should not be able to differentiate between multiple VPN tunnels terminating on the same vSEC gateway without tighter integration with CP APIs.</P></BODY></HTML> Tue, 10 Apr 2018 15:38:56 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37584#M3590 Vladimir 2018-04-10T15:38:56Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37585#M3591 <HTML><HEAD></HEAD><BODY><P>Vladimir,</P><P>Let me explain better, I was talk about the first diagram, and my environment is distributed with below:</P><P>OnPremises&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;AWS Cloud</P><P>MyDatacenter &lt;&gt; Direct Connection Links &lt;&gt; AWS Transit VPC &lt;&gt; AWS Security VPC &lt;&gt; Spoke VPCs</P><P>The Dashboard showing the connections VPNs between VPCs:</P><P><SPAN>AWS Transit VPC &lt;&gt; AWS Security VPC</SPAN></P><P><SPAN>AWS Security VPC &lt;&gt; Spoke VPCs</SPAN></P><P><SPAN>For this reason we can see the VPNs metrics</SPAN></P><P><SPAN>We do not have external VPNs with CloudGuard ex: site to site vpns. But I believe that is possible include to CloudWatch Dashboard, but required&nbsp;the metrics customization or Flow export.</SPAN></P></BODY></HTML> Tue, 10 Apr 2018 18:38:36 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-CloudGuard-Monitoring-CloudWatch/m-p/37585#M3591 Luciano_Miguel 2018-04-10T18:38:36Z