Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Di_Junior
Advisor
Advisor

Supervision of Check Point Firewall

Dear Mates

We have a large check point infrastructure and we wish to give some tasks to our supervision which also happens to be the first level of support in the company. I would like to know  based on your experience or the company you work for, how are things segregated. For example I don't want them to do any configuration, so what tasks should I give to a supervision which is also the first level of support. 

Thanks in advance

 

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee

 

Some suggestions:

1.) Monitoring of SmartView Dashboards via Web browser / Wall boards.

2.) Leverage APIs to abstract / automate other tasks via Web services.

3.) Health & availability monitoring via NMS etc

CCSM R77/R80/ELITE
Di_Junior
Advisor
Advisor

Thanks Chris
0 Kudos
Timothy_Hall
Champion
Champion

I suppose you could give them a SmartConsole login with a read-only permissions profile, but I would be concerned about user privacy by letting them look at logs/reports.  You can create a custom permissions profile that would only give them access to the Gateways & Servers and Security Policies tabs read-only.  This would let them see the status and utilization of gateways as well as look at security policies to determine if a certain type of traffic is allowed.  There isn't really a need to grant access to the Manage & Settings tab either in my opinion.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
Di_Junior
Advisor
Advisor

Thanks Tim
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events