|
The activities performed under Checkpoint Management
services are:
Central Monitoring services
- Current status of individual firewall modules.
- Centrally defining the Security Policies
for individual firewalls module and deploying
the same. Thus the rules defined for individual
firewalls are available at a central place for
viewing and modification.
- Centralized logging of Alerts and 'log data'
by the individual firewalls.
Management services
- Addition / Deletion / Modification rules
defining access control.
- Configuring Network Address Translation to
suite client requirements.
- Configuration of Site-to-Site VPN using Checkpoint
VPN-1 product.
- Configuration of Client to Site VPN using
Checkpoint VPN-1 product.
- Establishing High Availability using Checkpoint's
High availability module.
- Establishing necessary authentication mechanism
for critical services.
- Configuration of Alerts to notify situations
needing immediate attention.
Reporting
- Report on bandwidth usage / ftp transfers
/ telnet session etc
- Reports on top users
- Reports on most accessed sites
- Reports on top/least requested pages
The Reporting module of Checkpoint is used currently
for all reporting purposes.
Given below is a partial list of reports generated
on a daily basis using Checkpoint's Reporting
Module (Licensed separately).
General Network Use - Predefined
Reports
| Report
Name |
Description |
| Firewall
Modules Load Split |
Number
of bytes per Firewall Module |
| Hourly
split |
The number
of connections per hour |
| Last
Month Load |
The number
of bytes per day for allowed Connections. |
| Last
Two Weeks Comparison |
Compares
the total duration per day for the last
two weeks. |
| Main
Services Comparison |
The number
of connections per hour for Web, FTP
and Mail services |
| Service
Use Split |
The number
bytes per service for all network services. |
|
User/Group Activity - Predefined
Reports
| Report
Name |
Description |
| Cost
Estimation |
Cost
per Client for use of network services |
| Most
Active Clients |
Summary
of bytes and connections per client,
plus average duration per Client |
| User's
services use |
Frequent
users of Web, FTP, and Mail services |
|
Suspicious Activity - Predefined
Reports
| Report Name |
Description |
| Blocked Connections
details |
Details on connections
either dropped or rejected, showing
the total number of blocked connections
from each source |
| Failed authorization
connections data |
Details on failed
authentication attempt, including time,
user name, and service. Sample report
attached. |
| Failed authorization
connections graph |
Number of failed
authenticated connections per hour for
the previous day. |
| Service Split of
Blocked Connection |
Breakdown of blocked
connections by Service pie chart. |
|
A sample report used to check failed connections
is shown below
|
