Manualshelf

User guide

ManualsBrandsMSI ManualsHome building and DecorSupero CSE-M35S
201202203204205206207208209210
ManageEngine Firewall Analyzer :: User Guide
209
Zoho Corp.
The difference between the two ways are:
If you configure LEA connection, the logs will be collected automatically and processed
by the Firewall Analyzer. Whereas, if you want import the logs, manual intervention is
required. You need to export the syslogs in Check Point Management Station or from
Check Point Smart Tracker UI and then manually import the syslog file in Firewall
Analyzer.
Configuring LEA Connection
The following instructions will help you set up an authenticated or unauthenticated
connection between Firewall Analyzer and the Check Point Management Server. For
additional information please refer the Check Point documentation or contact Check Point
technical support.
For managing the LEA servers the configurations that needs to be done for the different
check point firewalls are explained below:
Setting up an Unauthenticated LEA Connection
Setting up an Authenticated LEA Connection
Setting up an Unauthenticated LEA Connection
Follow the steps below to configure an unauthenticated connection from the Check Point
Firewall:
Carryout the configuration in the Check Point Firewall Management Station.
1. In the FWDIR\conf directory on the computer where the Check Point Management
Server is installed, edit the fwopsec.conf file to include the following line:
lea_server port 18184
lea_server auth_port 0
2. Restart the firewall service
[4.1] fwstop ; fwstart
[NG] cpstop ; cpstart
3. Add a rule to the policy to allow the port defined above port 18184 (assuming
default LEA connection port) from the Firewall Analyzer machine to the Check
Point Management Server and vice versa.
4. Install the policy
Adding to LEA Server Lists on Firewall Analyzer
Once this unauthenticated LEA connection has been set up, follow the instructions for
Adding an LEA Server to the Firewall Analyzer.
If you are unable to view the Check Point Firewall reports refer the Trouble Shooting Tip.
Setting up an Authenticated LEA Connection
Follow the steps below to configure an authenticated connection from the Check Point
Firewall:
Carryout the configuration in the Check Point Firewall Management Station.
1. In the FWDIR\conf directory on the computer where the Check Point Management
Server is installed, edit the fwopsec.conf file to include the following line: