This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
cyberluke365
Contributor
Friday
Jump to solution

Identity Awareness daemon status

Hello,

I have two CheckPoint R81.20 Security Gateways with Take 53 and Identity Awareness blade enabled (just the Identity Collector as source):

Identity Awareness.png

 

All is working fine; however, I was trying to figure out how to check Identity Awareness service/daemon status.

According to sk97638 - Check Point Processes and Daemons the cpwd_admin list | grep -E "APP|PEPD" and cpwd_admin list | grep -E "APP|PDPD" should be used to see the status of Policy Enforcement Point daemon and Policy Decision Point daemon respectively.

The output of the two commands run on the Security Gateways returns nothing. It appears that the PEPD and PDPD processes are not running. 

However, if I run the command ps -ef | grep -E "pdpd|pepd", it returns:

 

xxxxx    30559 28679  2 Jun03 ?        3-13:23:29 pdpd 0 -t
xxxxx    30560 28679  0 Jun03 ?        00:45:30 pepd 0 -t

 

So, that means they are really running (as written, all is working fine) but they appear as child processes of the parent PID 28679 (that belongs to FWD daemon).

Is that a normal behavior? Perhaps the information provided in the SK needs to be interpreted in a specific way?

Thank you.

0 Kudos
2 Solutions

Accepted Solutions
the_rock
Legend
Legend
Friday
Jump to solution

I always found that info to be a bit deceiving, at least for pep/pdp. I check it with below commands from expert.

Andy

pdp status show

pep show stat

View solution in original post

the_rock
Legend
Legend
11 hours ago
In response to the_rock
Jump to solution

@cyberluke365 Hope that helped?

Andy

View solution in original post

0 Kudos
2 Replies
the_rock
Legend
Legend
Friday
Jump to solution

I always found that info to be a bit deceiving, at least for pep/pdp. I check it with below commands from expert.

Andy

pdp status show

pep show stat

the_rock
Legend
Legend
11 hours ago
In response to the_rock
Jump to solution

@cyberluke365 Hope that helped?

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events