
Check Point Integration Guide



To send logs via syslog to the Taegis™ XDR Collector using Check Point Log Exporter, the Check Point management server must be running a supported version. The supported versions are listed in the Check Point Log Export Guide.

Connectivity Requirements

Source | Destination | Port/Protocol
Firewall_interface | XDR Collector (mgmt IP) | TCP/601

Data Provided from Integration

  Antivirus Auth DHCP DNS Email Encrypt File HTTP Management Netflow NIDS Process Thirdparty
Check Point Firewall V D         D   D     V

Y = Normalized | D = Out-of-the-Box Detections | V = Vendor-Specific Detections

Note

XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.

Configuration Instructions

To configure Check Point logging using Check Point Log Exporter, follow the guide provided by Check Point. Consider the following requirements when completing the configuration steps:

 
