Edge support for Check Point NGX R65's CLM

By Ralph Bonnell

Service Provider Takeaway: Check Point's NGX is the primary security software platform for the company's enterprise firewall, VPN and management solutions. NGX R65 is the newest release from the company. This section of the chapter excerpt, from Check Point NGX R65 Security Administration by Ralph Bonnell, explains in detail the edge support capabilities of the software platform.

Downlaod the .pdf of the chapter here.

The NGX R65 provides Edge support for the customer log module (CLM). This support will allow the administrator to choose the destination for the logs. The target can be the SCS; syslog is also supported.

Management Plug-In System

The NGX R65 introduces an additional infrastructure that enables the use of management plug-ins. The new plug-in architecture introduces the ability to dynamically add new features and support new products. Management plug-ins offer central management of gateways and features not supported by your current NGX R65 SmartCenter or Provider-1/SiteManager-1. Management plug-ins supply new and separate packages that consist only of those components that are necessary for managing new gateway products or specific features, thus avoiding a full upgrade to the next release.

Connectra Management

The NGX R65 is the first version to manage Connectra gateways centrally. This exposes Connectra to many more configuration possibilities than were available in previous versions.

Connectra Tab

SmartDashboard has a new tab for Connectra. All Connectra-related configurations are performed using the objects in this tab. The new Connectra tab in SmartDashboard contains a section for SmartDefense and Web Intelligence updates. SmartDefense and Web Intelligence configurations for Connectra are performed as part of "SmartDefense profiles." A Connectra-specific SmartDefense profile is used for all Connectra-related SmartDefense and Web Intelligence configurations.

Provider-1 Support

Provider-1/SiteManager-1 now supports Connectra objects (Connectra gateways, Connectra clusters, and Connectra cluster members). Provider-1 collects Connectra objects and their statuses, licenses, and packages from the CMAs to the MDS. Provider-1 then displays these collected objects in the MDG.

SmartView Monitor

SmartView Monitor can monitor Connectra gateways, and produce reports concerning statuses and activities.

Reprinted from Chapter one of Check Point NGX R65 Security Administration by Ralph Bonnell. Printed with permission from Syngress, a division of Elsevier. Copyright 2007. For more information about this title, please visit www.syngress.com.