This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Lijo_mathai
Contributor
‎2019-04-16 08:03 PM
Jump to solution

Port mirroring from gateway

Hi, Is there an option to mirror traffic from an interface on gateway to another interface, this is to pipe the traffic to a IDS appliance for log analysis. I would like to check the possible settings on R77.30.

 

Thanks

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2019-04-17 05:49 AM
Jump to solution

In R80.20 there is an option to mirror and forward decrypted HTTPS traffic the Security Gateway is doing HTTPS Inspection on.
Beyond that, we cannot mirror traffic to a different port, which is something a switch typically does.
We can operate on traffic received from a mirror port.

View solution in original post

0 Kudos
(1)
2 Replies
PhoneBoy
Admin
Admin
‎2019-04-17 05:49 AM
Jump to solution

In R80.20 there is an option to mirror and forward decrypted HTTPS traffic the Security Gateway is doing HTTPS Inspection on.
Beyond that, we cannot mirror traffic to a different port, which is something a switch typically does.
We can operate on traffic received from a mirror port.
0 Kudos
(1)
hughmcgauran
Explorer
‎2023-04-07 02:12 AM
Jump to solution

Looks like this is an option now - https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_Quantum_SecurityGateway_Guid...

Your Security GatewayCluster  / Security Group  clones all traffic (including HTTPS without decryption) that passes through it, and sends it out of the designated physical interface.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫