Subscribe to the Blog

Get articles sent directly to your inbox.

Device Backup Daily Digest 

Device backup is an important task for organizations to ensure their security infrastructure is safe from failure and disruption. With all backups though, you are only as safe as your last successful backup. There are many horror stories of setting up a backup routine and for whatever reasons that backup routine fails. Sadly, no one notices for an extended period of time until a restore is actually needed. 

With the new device’s backup daily digest feature, success and failure notifications will be sent daily. This adds a layer of protection to your automated backup routine that you may not think you need, until you actually do. 

To enable the feature, you provide a list of email addresses of the recipients. The system will send automated email notifications every day at midnight. The email will identify if the backup job is successful, or a backup failure occurs. If the report is empty, that means a backup job did not run on that day.

For information about the configurations involved in enabling the device backup daily digest capability, please refer to the Indeni 7.0 User Guide – 5.3 Device Backup.

What’s New with Check Point Device Automation? 

  1. New Check Point Release

Support for Check Point devices now extends from earlier versions of GAiA to the latest release R81.10, which was released in July 2021. R81.10 brings a major improvement in operational security efficiency across the management server’s reliability, performance, and scale. For more information, visit Check Point Support Center

  1. New Auto-Detect Elements for Check Point devices
Related Article  Security Infrastructure Automation for Check Point Firewalls

In this release, we added many new ADE’s to detect the following conditions: 

  • SecureXL DoS deny list disabled.
  • SecureXL DoS rate limit disabled.
  • SecureXL DoS log IP penalty box disabled.
  • SecureXL DoS log drops disabled.
  • SecureXL DoS pbox disabled.
  • DoS blade penalty box drop counter is 0.
  • DoS_pbox entries appear in a whitelist of IPs.
  • Alert on Multi-Domain Security Management (MDS) API Status.
  • Monitor VS0 logs for issues with fwkern.conf.
  • Add monitoring for SFP interfaces.
  • Alert if the number of BGP routes is 0 on the active cluster.
  • Concurrent Connections per blade.
  • Concurrent connection nearing system limit.
  • Add capacity to the “interface nearing maximum Rx/Tx throughput” rule. In addition to showing the % capacity used, the actual bandwidth is included.
  1. Enhancements to Check Point Auto-Detect Elements 
  • Add capacity to the “interface nearing maximum Rx/Tx throughput” rule. In addition to showing the % capacity used, the actual capacity is included. 
  • List which interface(s) are down for the “(Non VSX) Required interface(s) down” and (VSX) Required interface(s) down” rules. 

Reminder

Starting version 7.7.1, the minimum system requirements have been changed from 6GB/4-core to 8GB/4-core. For more information, please refer to the “1.1 Requirements” page. 

Click to download the latest list of Check Point Maestro Auto-Detect Elements