- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- VSX Netflow data pr. vs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VSX Netflow data pr. vs
netflowvsx
Check Point VSX Netflow pr vs is not possible today. By design you only get netflow from vs0.
This this is problematic for us as an MSP because we need to get netflow from customer dedicated vs only and to the customers SIEM and ELK system. This is due most because of flow licensing in SIEM, and that we don´t want to give visibility to other customers netflow data.
Does anyone have any experience with filtering this out in tools like ELK or nfdump? Much appreciated if anyone want to share and discuss here
Check Point SK for Netflow
NetFlow support by Gaia OS - In the sk from Check Point you can identify which vs id the flow is coming from
Hopefully Check Point will redesign this so you can set netflow settting pr. vs
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Not familiar with a way to do this, but maybe someone else has.
Can see why this would be a useful feature to have.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Does this mean that this have been implemented? do you have some more information about this that you can share?
Best regards
Bjørn Andre Kaland
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That's what it appears to mean, but unfortunately I don't have details.
If it's of interest to you, I recommend getting involved in the EA.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sure and thats good.
But as an MSP i would like to configure one netflow system per VS as each VS belongs to a diff customer, and these customer do not always buys our service they just want the data so to say.
Similar to SNMP where i can configure diff users to be able to poll, and then allow them to poll the specific VS on its IP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there,
Is there maybe any tutorial how to do it.
I am using opmanager and as soon as i set netflow on any of the VSX or physical box i get flow from the VSX cluster and data seems bogus.
Regards, Ivan