Topic Thread

Expand all | Collapse all

Checkpoint OPSEC LEA Integration

  • 1.  Checkpoint OPSEC LEA Integration

    Posted 14 days ago

    We have been trying to integrate Checkpoint Firewall logs from Smart Console via OPSEC API. We successfully pulled the certificate from "opsec_pul_cert" CLI tool but we have an issue when trying to pull the certificate from FortiSIEM GUI.

    FortiSIEM 5.3.0
    Checkpoint R80.10

    Did anyone come across with this issue before?


  • 2.  RE: Checkpoint OPSEC LEA Integration

    Posted 8 days ago
    Hi Isru,

    CheckPoint can be interesting to integrate with due to certificates, certificate hashing and CheckPoint architecture. 

    Simple things to check:

    Make sure connectivity is available to CP from FSM Super or Collectors.
    Are you using SmartCenter or is it CLM, MLM, CLA.
    Check what version of CheckPoint is running.

    Probably a more straightforward way to integrate is to forward events from CP in Syslog CEF format, this is supported by FortiSIEM and CheckPoint supports this now.

  • 3.  RE: Checkpoint OPSEC LEA Integration

    Posted 7 days ago
    Hi Daniel,

    Thanks for the update. There's no connectivity issue. We are using "Checkpoint SmartConsole" for "R80.10" Firewalls.

    I will look into syslog as well.


  • 4.  RE: Checkpoint OPSEC LEA Integration

    Posted 3 days ago
    Hi Daniel,

    Regarding the Syslog Forwarding... Were you referring to this kind of a scenario ( or the 'Checkpoint log exporter' ??