Policy mismatch across cluster members for Check Point

Vendor

Check Point

Description

Indeni will identify when two devices are part of a cluster and alert if the policy installed is different.

Remediation Steps

Review the policy installed on each device in the cluster and ensure they are the same.Normally the management server ensures the same policy was installed on all cluster members. It's possible the checkbox for ensuring this was unchecked in the most recent policy installation. Please re-install the policy.

How does this work?

An MD5 hash is calculated along with the policy name.

Why is this important?

If all members of a cluster do not have the same security policy installed, unexpected issues can arise after a failover.

Without Indeni how would you find this?

An administrator could login and manually check which policy is installed, and when it was installed, comparing between all cluster members.

View Source Code
single