cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Cloud

Covering Check Point's Cloud Security Solutions. See also our SD-WAN Solutions space.

andy_currigan
andy_currigan inside CloudGuard IaaS yesterday
views 320 6

Cloudguard backend routing problem

We're installing a CloudGuard IaaS High Availability using the latest deployment guide.We experience problem on the internal routing, the internal load balancer, automatically created with the template, seems not to route the traffic to the cloudguard appliance.On the management we do not see any traffic logs but if we configure a cluster ip address on the checkpoint backend network  using the address that should be configured to the backend-lb (.4) suddenly we see the traffic on the management, even the traffic from internet...The routing table assigned to the backend subnets and the routing on the checkpoint are configured as described on the guide. (strange that checkpoint route to a phantomatic .1 address and the internal subnets route to the backend loadbalancer ip .4)Any idea how to debug and solve this problem?ThanksAndy 
Offir_Zigelman
inside CloudGuard Dome9 Friday
views 87
Employee+

New CloudGuard Dome9 Compliance Entity: AWS ElasticSearchDomain

Dome9 now supports AWS ElasticSearchDomain as an entity in the Compliance Engine. AWS ElasticSearch is a fully managed ElasticSearch service. The new entity allows to reason on different aspects of the search domains, such as encryption state, access policies, logging and various deployment and backup configurations. GSL Examples: Make sure the data is encrypted at rest:ElasticSearchDomain should have encryptionAtRestOptions.enabled = true Make sure the data is encrypted in transit:ElasticSearchDomain should have nodeToNodeEncryptionOptions.enabled = false Enforce creation of ElasticSearch instances in VPCs:ElasticSearchDomain should have vpc
Michael_Thompso
Michael_Thompso inside CloudGuard IaaS Wednesday
views 149 1

Enable Monitoring Blade on Cloudguard through API

Hello everyone,I am using the CME service to provision my scaleset and autoscaling group gateways in Azure and AWS respectively . How can I enable the Monitoring Blade on newly provisioned gateways through the CME? I know that if a feature can be configured using set-simple-gateway it should be configurable using the CME service but in this case I don't see an option to enable the Monitoring Blade.  How can I configure this?Thanks
James_Lim
James_Lim inside CloudGuard SaaS Wednesday
views 183 1

Cloudguard Saas logs

How long can the logs be stored on the portal?
Offir_Zigelman
inside CloudGuard Dome9 a week ago
views 170
Employee+

New CloudGuard Log.ic: map zoom in/out buttons

The Log.ic Network Activity (VPC Flow Logs) map now supports zoom in and out buttons, which can be used to focus on specific elements in large environments.
James_Lim
James_Lim inside CloudGuard SaaS a week ago
views 182

Cloudguard Saas logs storage size

How long can CG Saas store logs?
Offir_Zigelman
inside CloudGuard Dome9 a week ago
views 196
Employee+

New CloudGuard Dome9 Feature: Bulk update Azure credentials

Dome9 now allows to update all Azure subscriptions with the same App Id in a single Bulk Operation. This capability allows to change the credentials for all the subscriptions on the same Azure tenant (that use the same App for the onboarding) while changing the credentials for one of the subscriptions.
Offir_Zigelman
inside CloudGuard Dome9 a week ago
views 200 1
Employee+

New CloudGuard Log.ic feature: Activity Timeline

Log.ic now supports activity timeline. Activity timeline shows a list of activities that were preformed on the selected resources by time. The timeline allows to investigate what actions were performed by the different users and resources in the account over the selected time period. The timeline can be used in numerous scenarios. Here are some examples: Track the activity of a resource over time ("show me all the actions of a specific user/service"). Track all actions that were performed on a resource over time (i.e. "who accessed/changed the configuration/data of the resource"). An investigation can be conducted following any type of alert, including the Dome9 Compliance Engine. It can also be used alongside the Log.ic "network activity" module. For example, in case of a Dome9 Compliance alert that reports on an exposing a resource to the internet, the timeline can be used to track which user performed the action, what were the actions that preceded the security group modification, as well as the actions that were performed afterwards. The network activity can be used to track the traffic patterns that entered the VPC following the exposure.   To view the timeline, select a node in the "Account Activity" map. Then select the "Timeline" tab in the information panel to the right. Clicking on an action would present a dialog that allows to use the action in the GSL that generates the view, or open the activity log. The lower part of the information panel allows to filter by user agents.
BLD
BLD inside CloudGuard IaaS a week ago
views 276 4

Migrate from AWS vSEC R80.10 to R80.30

We have been using vSEC R80.10 succesfully in AWS. One instance with both gateway and management.We got a notice that it will no longer be supported so we got the new R80.30 AMI from the AWS Marketplace.We activated our licenses but it seems the new AMI does not include the management server. It says in the marketplace description:"This BYOL distributed security gateway is managed from a central Security Management Server, which provides consistent security policy management, enforcement, and reporting AWS and hybrid deployments within a single pane of glass. The Security Management Server is not included in this offering. Please choose one of the CloudGuard IaaS Security Management offerings in AWS Marketplace."Does this mean we now have to runt TWO EC2 instances instead of one?  This would double operating costs.Any help to clarify this will be greatly appreciated.  
Nicholas_Sherid
Nicholas_Sherid inside CloudGuard IaaS 2 weeks ago
views 1640 10 2

Data Center Object Enforcement in Azure

Hi forum!My management server has been integrated with azure (I set up the data centre server). I can read all the objects in Azure.  (I'm running R80.10 gateway and mgt)I have set up Identity Awareness too.My gateways are not enforcing the rules I have created with datacentre objects! Everything looks perfect on the management server, I can even see the IP addresses dynamically associated with the tags!!I need some help figuring out why the gateways are not enforcing the rules.I have looked all over for this - and I have a case raised, but TAC have gone a bit quiet!Anyone help me with locating the documentation for this?  I have looked everywhere.When I do a "pep show user all" (not sure if this shows output on azure integration) i get nothing on the gateway - whcih makes sense. Are there any logfiles?  I have checked /var/log/messages - nothing!Thanks!
Marina_Segal
inside CloudGuard Dome9 2 weeks ago
views 258
Employee

CloudGuard Dome Integration with Microsoft Azure Security Center

The integration between Azure Security Center and Check Point CloudGuard Dome9 provides a seamless experience to customers in protecting their Azure environments against advanced cyber-threats and mitigating compliance risks at any scale. We now can send Cloud Guard Dome9 findings to Azure Security Center and allow seamless consumption of Security Posture and Compliance findings in Azure Security Center.   To enable integration you can configure Notification Policy in Dome9 Compliance Engine: For more details on how to setup CloudGuard Dome9 Notifications - click here.   Once Notifications Policy is configured, you will be able to view the alerts in you ASC console: Dome9-ACS integration Please use the new capabilities, we'd love your feedback!   Marina Segal Head of Product Management | Cloud SecOps and Compliance    
Eugene_Tcheby
inside CloudGuard IaaS 2 weeks ago
views 329 1 4
Employee+

Upgrading a Checkpoint Cloudguard VMSS (Scaleset) from R80.20 --> R80.30 in Azure

Cross posting from "General Management Topics"  As R80.10 and R80.20 images are soon to be delisted from the Azure Marketplace, I put together a step-by-step guide with screenshots on how to upgrade a Cloudguard VMSS (Scale Set) from R80.20 to R80.30 in Microsoft Azure - with R80.20 Management. This "how-to" is based on the new procedure from the Admin Guide which you can find here: https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_VMSS_for_Azure/html_frameset.htm?topic=documents/IaaS/WebAdminGuides/EN/CP_VMSS_for_Azure/216060 Your feedback and comments are appreciated.  Find original post below https://community.checkpoint.com/t5/General-Management-Topics/How-to-Upgrade-a-Cloudguard-VMSS-Scaleset-Solution-from-R80-20/m-p/64866#M9996  
PhoneBoy
inside CloudGuard IaaS 2 weeks ago
views 2502 4 10
Admin

R80.10 CloudGuard IaaS High Availability for Microsoft Azure

Most current version of this document will be here: Check Point CloudGuard IaaS High Availability for Microsoft Azure R80.10 Deployment Guide 
Offir_Zigelman
inside CloudGuard Dome9 2 weeks ago
views 254
Employee+

New CloudGuard Dome9 Public Preview: New Dashboards

We're happy to introduce the new Dome9 dashboards! The dashboards provide new, powerful capabilities to present information from various sources. The dashboards can present information in various formats and breakdowns, such as "Top" (i.e. "cloud accounts with most alerts"), pie charts (i.e. "breakdown by severity"), and "latest" (i.e. "latest generated findings"). The dashboards can be filtered according to needs, and allow you to focus on information relevant to the current logged in user. For example, you can filter the dashboard to focus on specific cloud platform, region, or type of entities. We provide default "Dome9" dashboards, starting with the Compliance alerts. The dashboards are customizable - you can create your own dashboards. Dashboards are saved with the applied filters, this allows to create dashboards for specific use cases. For example: "The state of Serverless", focusing on the security posture of serverless services; "GDPR Dashboard", focusing on alerts that are relevant for specific compliance frameworks; "My Team Dashboard" that would present information that is relevant for my team only; and more. Clicking on the data leads you to the alerts console, filtered according to the clicked element. The new Alerts Dashboard is now the default view of alerts. You can switch to the alerts tab and look at the "raw" alerts information.   Please use the new capabilities, we'd love your feedback!
Itamar-cohen
inside CloudGuard IaaS 2 weeks ago
views 463 2 1
Employee

CloudGuard IaaS Product Announcement - Cloud Management Extension (CME) Take 66 Release

Hi,   I'm happy to inform of our latest update of Cloud Management Extension (CME). Take 66. In this release, you can find For Azure Improved handling of API request throttling in Azure Minor fixes For AWS Autoscaling: integration with Network Load Balancer new listeners - UDP and UDP_TCP Transit VPC: spoke-routes and export-routes are now configured via the autoprov_cfg tool TGW: GW can be configured to re-advertise desired spoke routes over BGP back to the TGW (for Direct Connect) TGW: Gateways can be configured to automatically set static routes on their instance route table For all platforms Set a prefix to all SmartConsole objects created by the CME. For more information type 'autoprov_cfg set template -h' and look under '-pn' Added the CME take number to version’s information (through ‘autoprov_cfg –v’ and cme_menu) Fixed degradation inserted in Take 55 - Custom gateway script (-cg Flag) is now supported on AWS and GCP and not just Azure Please, note that a new limitation was added - Automatic HF deployment and setting a prefix to all SmartConsole objects' features cannot be activated in parallel for the same controller.   Download Information: CME is provided as a CPUSE package and available for online or offline installation. Follow the installation instructions in sk157492 to install or update CME.   Related SKs/Documentation: sk157492 – CME (Cloud Management Extension) for CloudGuard Latest Updates CME Admin Guide sk139213 – CloudGuard for NSX-T: Service Insertion at the Edge & Service Chaining CloudGuard for NSX-T
In This Category
CloudGuard SaaS

<p>CloudGuard SaaS is Check Point's <a href="https://www.checkpoint.com/products/saas-security/" target="_blank">SaaS Security</a> solution. This space also includes discussion related to our legacy SandBlast Cloud for Office 365 solution. </p>

CloudGuard Dome9

<p>CloudGuard Dome9 is Check Point's <a href="https://www.checkpoint.com/products/cloud-security-orchestration/" target="_blank">Cloud Security Orchestration</a> solution.</p>

CloudGuard IaaS

<p>CloudGuard IaaS is Check Point's solution for <a href="https://www.checkpoint.com/products/iaas-public-cloud-security/" target="_blank">Public Cloud Network Security</a>.</p>

Category Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.