Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sergey_Anikeev
Contributor

SVC logs

Colleagues, hello!
Can you tell me, if it is possible to see the failed test SCV events in the gateway side logs?
We need "Not compliance" events on the user side to be displayed in the log server.


We use Secure Configuration Verification (SCV) for MAB VPN clients.

0 Kudos
10 Replies
G_W_Albrecht
Legend
Legend

According to sk147416 - Secure Configuration Verification (SCV) this should be possible!

CCSE CCTE CCSM SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor

I have configured this SK, however, all that I see is ->1.JPG

0 Kudos
G_W_Albrecht
Legend
Legend

Sorry, i missed that you use SSL VPN (MAB) - SCV is only possible using IPSec VPN clients that enforce a Desktop policy. 

sk147416: The compliance checks is supported by Endpoint Security Client, Check Point Mobile for Windows, Full Suite version. According to Remote Access Clients for Windows 32/64-bit Administration Guide E80.72 and Higher (page 13).

CCSE CCTE CCSM SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor

I apparently did not write exactly.
We use Mobile Access VPN Clients for Windows

2.JPG

0 Kudos
G_W_Albrecht
Legend
Legend

You must use the first option. EPS VPN ! SCV is only possible using IPSec VPN clients that enforce a Desktop policy. CP Mobile has no Desktop Policy (see sk73600 - Check Point Mobile fails to connect due to SCV  and  firewall policy check sk147416 - Secure Configuration Verification (SCV)).

CCSE CCTE CCSM SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor

However, in this client I have a check.

1. A certain process is launched (the check was successful)

2.JPG

2. If a certain process is not found (the check was not successful):

1.JPG

Accordingly, the client either receives access via VPN or not.

0 Kudos
G_W_Albrecht
Legend
Legend

This was what i could find - i know that sk67820 lists Security Verification for Endpoint Devices also with Mobile and MAB / SNX, but sk73600 - Check Point Mobile fails to connect due to SCV firewall policy check and sk147416 - Secure Configuration Verification (SCV) state that SCV is only possible using Desktop policy. So better ask TAC !

CCSE CCTE CCSM SMB Specialist
0 Kudos
Sergey_Anikeev
Contributor

Thank you!

0 Kudos
si-infra-trt5
Explorer

Hello,

We´re planning to apply SCV in our environment in our organization. We would like to collect failed test SCV events centrally so we can view these events in Log View.

I checked sk147416 but it says "Deleted. This SK no longer exists".

Is this is information about viewing failed SCV logs in other documentation?

Thank you

0 Kudos
_Val_
Admin
Admin

The SK is deleted because the info is moved to the RAS Client Admin guide: https://sc1.checkpoint.com/documents/RemoteAccessClients_forWindows_AdminGuide/Content/Topics-RA-VPN...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events