This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sergey_Anikeev
Contributor
‎2022-05-25 06:59 AM

SVC logs

Colleagues, hello!
Can you tell me, if it is possible to see the failed test SCV events in the gateway side logs?
We need "Not compliance" events on the user side to be displayed in the log server.


We use Secure Configuration Verification (SCV) for MAB VPN clients.

0 Kudos
11 Replies
G_W_Albrecht
Legend Legend
Legend
‎2022-05-25 07:16 AM

According to sk147416 - Secure Configuration Verification (SCV) this should be possible!

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor
‎2022-05-25 07:49 AM
In response to G_W_Albrecht

I have configured this SK, however, all that I see is ->1.JPG

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-05-25 11:01 AM
In response to Sergey_Anikeev

Sorry, i missed that you use SSL VPN (MAB) - SCV is only possible using IPSec VPN clients that enforce a Desktop policy. 

sk147416: The compliance checks is supported by Endpoint Security Client, Check Point Mobile for Windows, Full Suite version. According to Remote Access Clients for Windows 32/64-bit Administration Guide E80.72 and Higher (page 13).

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor
‎2022-05-25 12:26 PM
In response to G_W_Albrecht

I apparently did not write exactly.
We use Mobile Access VPN Clients for Windows

2.JPG

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-05-30 01:07 AM
In response to Sergey_Anikeev

You must use the first option. EPS VPN ! SCV is only possible using IPSec VPN clients that enforce a Desktop policy. CP Mobile has no Desktop Policy (see sk73600 - Check Point Mobile fails to connect due to SCV  and  firewall policy check sk147416 - Secure Configuration Verification (SCV)).

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor
‎2022-05-30 01:18 AM
In response to G_W_Albrecht

However, in this client I have a check.

1. A certain process is launched (the check was successful)

2.JPG

2. If a certain process is not found (the check was not successful):

1.JPG

Accordingly, the client either receives access via VPN or not.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-05-30 01:41 AM
In response to Sergey_Anikeev

This was what i could find - i know that sk67820 lists Security Verification for Endpoint Devices also with Mobile and MAB / SNX, but sk73600 - Check Point Mobile fails to connect due to SCV firewall policy check and sk147416 - Secure Configuration Verification (SCV) state that SCV is only possible using Desktop policy. So better ask TAC !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor
‎2022-05-30 01:43 AM
In response to G_W_Albrecht

Thank you!

0 Kudos
si-infra-trt5
Explorer
‎2023-08-10 11:36 AM
In response to G_W_Albrecht

Hello,

We´re planning to apply SCV in our environment in our organization. We would like to collect failed test SCV events centrally so we can view these events in Log View.

I checked sk147416 but it says "Deleted. This SK no longer exists".

Is this is information about viewing failed SCV logs in other documentation?

Thank you

sk147416_no_longer_exists.png
Preview file
41 KB
0 Kudos
rochim
Participant
2 weeks ago
In response to _Val_

Hi Val,

output from your link is not found. 

any update for this topic? 

if it is possible to see the failed test SCV events in the gateway side logs?
We need "Not compliance" events on the user side to be displayed in the log server and create the report from that log.

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top