This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LaRockas
Participant
‎2020-02-13 06:52 AM

OPSEC LEA Permissions

Dear all , 

I would like to ask if anyone knows the access that potentially could have an OPSEC LEA client to SMS Gateway . 

Except the LEA Permissions TAB to the OPSEC Application Properties , where else i can find what kind of permission the remote client has when you configure it as OPSEC LEA Appl . 

Is it trusted to allow external partner  like Siem Vendor ,  to communicate with OPSEC LEA to the SMS server ? As you understand the SMS server has all the critical information like policies , etc. 

 

Any other link , pdf , doc to read would be helpful  

Thanks in advanced 

Makis 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2020-02-13 09:50 AM

LEA is for streaming logs to a third party.
The only thing you have access to via LEA is…logs and it's a push (not pull) mechanism.
I believe you can find more details in the OPSEC SDK documentation which is in SecureKnowledge.

Regardless, Log Exporter is the preferred, recommended method for integrating with SIEMs these days.
This uses standard syslog to export logs.
We will continue to support LEA but are not doing further enhancements to it.
0 Kudos
LaRockas
Participant
‎2020-02-13 11:52 PM
In response to PhoneBoy

Hi PhoneBoy ,

Thanks for your reply . I already started to read the SDK documentation .

Thanks

Makis

PS. Nice meeting you at CPX Vienna !
0 Kudos
PhoneBoy
Admin
Admin
‎2020-02-14 10:20 AM
In response to LaRockas

Pleasure to meet you as well 😁
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events