This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Exonix
Advisor
Monday

Add Quantum Spark 1900 Appliance to a management Server

Hello,

we have Quantum Spark 1900 Appliance [R81.10.15] and we need to add it to a management Server [R81.20], which located in another country und runs on a VM. The connection will go through Internet.

The first question: what is the best way to do this? I heard, if I add an Appliance, no existing rules will be copied to the Management server, as well as VPN connections. If it is true, how can I export them and import into the Management Server?

The second question: in Appliance we can set up the sending of logs to the Management Server, but the configuration requires "SIC one-time Password". If I set up sending logs, won't the log server also become a management server, and then I'll lose everything again (since the rules won't be copied)?

 

Thank you!

0 Kudos
6 Replies
Lesley
Mentor Mentor
Mentor
Monday

Central management requires SIC, in order to go from local to central appliance will be reset.

It should show this in the wizard. Rules you have to make manually in new management. 

maybe this video helps, bit older but still shows the trick

https://youtu.be/fI4mh28hnWw

Here you can see difference between local and mgmt:

https://support.checkpoint.com/results/sk/sk178604

 

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
Exonix
Advisor
Tuesday
In response to Lesley

I see... and since the process of switching to central management is not fast, I need a temporary solution for collecting logs, and therefore I have a third question. I have configured the appliance to send syslog to the "management server", I see that traffic is coming - but how can I view the logs themselves in the console? In particular, I'm interested in VPN connection logs, but I don't see anything in the standard logs console...

Thank you!

0 Kudos
Chris_Atkinson
Employee Employee
Employee
Tuesday
In response to Exonix

If it is raw syslog did you already enable "accept syslog messages" on the Management object and install database or some other approach?

CCSM R77/R80/ELITE
0 Kudos
Exonix
Advisor
Tuesday
In response to Chris_Atkinson

yes, i did

0 Kudos
Chris_Atkinson
Employee Employee
Employee
Tuesday

In the past if you wanted to have your logs from a locally managed SMB appliance visible in the central management then there was a process for this documented here: sk108437 - How to configure the External Security Log Server on Locally Managed SMB appliances I've not tested this on recent versions however.

CCSM R77/R80/ELITE
0 Kudos
G_W_Albrecht
Legend Legend
Legend
Tuesday

1st Q: You can not export any rules from local management, so this has to be set up freshly

2nd Q: These are two different things: You can just use the SMS as a log server or let it do both central management and log server. SIC is alwqays needed

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events