Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Dmitriy_Chazov
Contributor

(R80.10) CheckUp mirroring on different interfaces

Hi ChechkMates
I wanted to know how to correctly configure the solution, when we mirror the traffic of the customer from two points to 2 ports ChekPoint.

For example.
One point is the incoming Internet channel to the router (eth1) and the other is internal (eth2).

Question:
In the network topology, when we define interfaces, this is defined as the Internet eth1 (external) and eth2 (This Network) (Internal)?

0 Kudos
6 Replies
Thomas_Werner
Employee Alumnus
Employee Alumnus

 Hi Dmitriy,

setup is as usual for mirror ports. Our engine will reconstruct traffic from any mirror port you add.

But remember that you might inspect traffic twice hence you get two logs for the same traffic.

Regards Thomas

0 Kudos
Dmitriy_Chazov
Contributor

Hi Thomas Werner‌,

Yes, I remember about traffic, but still they did not answer about the topology.

0 Kudos
Thomas_Werner
Employee Alumnus
Employee Alumnus

Hi Dmitriy,

what do you exactly refer to ?

A mirror port does not have any topology.

Regards Thomas 

0 Kudos
Dmitriy_Chazov
Contributor

Thomas, I forgot to highlight the essence of the issue, see the question in the first post.

0 Kudos
Thomas_Werner
Employee Alumnus
Employee Alumnus

Dmitriy,

sorry I still do not understand your question.

Mirror Ports are always configured without topology. The packets simply arrive at these interfaces but do not leave via another interface. So there is no topology assignment possible. Therefore you need to set inspect policies to inspect all traffic.

Regards Thomas

0 Kudos
Dmitriy_Chazov
Contributor

Here is an example, see from 0.27, when the mirrored interface is redefined and set as "Internet (External)"

3.Check Point Security CheckUP R80.10. Настройка - YouTube 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events