Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Heath_Mote
Collaborator
Jump to solution

What do you use for monitoring Gateways/Management?

We are interested in setting up realtime monitoring of our gateways and management. I'm interested to know of systems being used successfully and ones that I should stay away from. 

Our networking group currently has Solarwinds NPM for monitoring routers, switches, APs, cell modems, etc. So that is available but we could go with another system for monitoring our Check Point devices.

I would be interested on the positives and negatives of using Solarwinds NPM, if there are ones out there with this experience. Any details you could provide either way would be appreciated.  

1 Solution

Accepted Solutions
Vladimir
Champion
Champion

NPM is a solid product and frankly, if you have an option of using a unified tool for overall network state monitoring, there is no reason for dedicated monitoring tools.

In the past, I've used french product LoriotPro SNMP monitoring software - SNMP Manager - network management  for total view of the network topology, dynamic alerting and visual state change representation for connections. I believe same could be achieved with NPM.

View solution in original post

13 Replies
Vladimir
Champion
Champion

NPM is a solid product and frankly, if you have an option of using a unified tool for overall network state monitoring, there is no reason for dedicated monitoring tools.

In the past, I've used french product LoriotPro SNMP monitoring software - SNMP Manager - network management  for total view of the network topology, dynamic alerting and visual state change representation for connections. I believe same could be achieved with NPM.

Heath_Mote
Collaborator

I was of the same mind set as well because our networking guys need to know what's going on with the firewalls as well. Thanks!

0 Kudos
Mark_Dezura
Explorer

We use Solarwinds NPM for many years and are very happy with it for both Checkpoint and other vendors products.

Heath_Mote
Collaborator

Good to hear and thanks for the reply!

0 Kudos
Bill_Ng
Collaborator

Hi Mark,

Did you happen to use VSX?  If so, were you able to get that setup within Solarwinds?  We would like to monitor our VSX contexts as well.  I'm having a heak of a time finding answers on how to set up.

Thanks,

Bill

0 Kudos
Maarten_Sjouw
Champion
Champion

I have been fighting this for a long time as well, we would like to be able to just monitor each VS by itself as if it where a normal FW, in our case with Spectrum/Oneclick, but this feature has been requested a long time standing but seems to become available with R80.20

Regards, Maarten
0 Kudos
zsh
Participant

Hi,
There is a workaround for this. Solarwinds will not allow you to create multiple targets with same IP on the same Poller. However you can change the IP after creating a target and it works.

So for example:
VSX GW = 1.1.1.1
You create new target device that should be VS (snmpv3, configure context etc) with dummy IP, for example 2.2.2.2
After this object is created, edit it, and change IP to 1.1.1.1.

Now you can poll the VS-es

0 Kudos
Bill_Ng
Collaborator

Thank Omar for the tip.  I'll have to give that a try.  I tricked Solarwinds as well by using different pollers with same VSX GW IP address along with the VS contexts.  I found that it only works on R80.10 gateways.  I couldn't get our R77.20 and R77.20 Virtual instances working that way.  I will give your method a shot and see what happens.  

0 Kudos
Vincent_Bacher
Advisor
Advisor

Check_MK is a nice monitoring tool for Checkpoint and other network equipment as well.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
Claudio_Bolcato
Contributor

I'm using Check_MK as well  in combo with Observium. Both solutions work very well.

Kaspars_Zibarts
Employee Employee
Employee

We use OP5 mostly for switches and routers but also for reactive Check Point monitoring and then in-house developed tool for pro-active maintenance (health checks etc) as it's hard to find tool that fits perfectly to one's needs Smiley Happy

But we are trialing Backbox now to see if we can get rid off the in house development

Aaron_Tebo
Explorer

I like using LogicMonitor to monitor my gateways.  With LogicMonitor I can get notified when our Active/Passive HA pair moves from FWA to FWB.  It also shows a bunch of statistics like current connections, packets processed, VPN traffic and your typical SNMP info.  The nice thing is it just auto discovers all this info.

Larry_Chisholm
Participant

Make sure you use this article when attempting to monitor passive nodes

https://www.51sec.org/2015/07/checkpoint-standby-cluster-member-interface-not-reachable/ 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events