- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
I am interested in getting some feedback on our current set-up. We are only new to Check Point and have deployed both a Firewall Solution and an End Point Solution. At the moment these are two separate setups. The Firewall Solution is on R80.10 and the End Point is on R77.30.03, each with their own Management and Log Server (I have included more detail below).
Overall we love the product, particularly the reporting and management in R80.10. The management and reporting on End Point though is proving to be a little frustrating. Our main issues are:
My questions are:
What is everyone else doing that has both Firewalls and End Point? Are you running separate environments or have you unified on R80.10 or stayed with R77.30.03?
What would you recommend for us? We use the Sandblast Agent (to help protect users outside the Network). I have been thinking of moving End Point to R80.10 but have had a couple of trusted sources recommend we wait for R80.20.
The details of our current Set-up are below:
End Point Set-up
Main Server
Hardware: Open Server
Version: R77.30.03
OS: GIA
Configured options
Network Policy Management
Endpoint Policy Management
Logging & Status
Management & User Portal
Provisioning
Smart Event Server
Smart Event Correlation Unit
Remote Site
Hardware: Open Server
Version: R77.30.03
OS: GIA
Configured options
Network Policy Management
Endpoint Policy Management
Logging & Status
Firewall Set-up
Management Server
Hardware: SMART-1
Version: R80.10
OS: GIA
Configured options
Network Policy Management
Logging & Status
Provisioning
Compliance
Smart Event Server
Smart Event Correlation Unit
This server manages 5 Firewalls that make up our organisation. The majority of these devices are on R80.10. There are a couple of 1450 devices still running R77.20
Hi Nev,
First of all : yes, at this time, r80 management versions cannot deal with sandblast agent :
So yes : if you're using such functionality (and you should do ), you must have those two separate environment.
But, I think you can send logs from your Security Management Server (SMS) dedicated to Endpoint Security to your R80.10 SMS in order to take advantage of the R80.* GUI and smartevent blade.
For Endpoint Security, don't hesitate to check sk117536 Endpoint Security Homepage dedicated to this solution.
You can also check in order to understand what Endpoint client version are compatible with what SMS version.
Because you're new, maybe you're not aware about using RSS feeds of your preferred documentation ?
Check the RSS feed of this sk :
Any new updates will be received on your RSS app
We do plan to unify Endpoint and Network Management in R80.20.
That said, you should be able to connect the Endpoint and Network Management so they share logs and objects.
I plan to unify Endpoint and Gateway SMS with R80.20 very soon as well, building new open server in vmware as we speak with much larger disk and will get the new xfs file system. I am trying to stay up to date on any emerging issues in the next week. Thanks to all that post on this subject matter.
Best,
Dan
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY