After two years of sheltering in place throughout much of 2020 and 2021, we welcomed back in-person events in 2022, albeit with some new safety measures. As the pandemic wanes, we are looking forward to attending in-person events again. We’re delighted to be sponsoring CPX 360 in New York. We can’t wait to be shaking hands, bumping elbows and looking people in the eye, and we hope to see you there.

With CPX 360 just a week away, we would like to provide an update and highlight some new features and a few of the most popular automation elements we developed in 2022. 

#1 Curated Grafana Dashboards

We collect close to 400 unique metrics for a Check Point secure gateway. Discerning usable information from so many data points can be difficult. We understand visual information much faster than any other form of information, so data visualization makes all that data much easier to digest.

Last year, we made a big investment in Grafana, a multi-platform open source analytics visualization web application. We developed many dashboards for Check Point secure gateways, management servers and VSX. We received a lot of positive feedback. Integrating Indeni and Grafana allows you to explore all the telemetry data and uncover insights that provide you with unprecedented visibility. 

Check out our latest dashboards… 

Check Point Secure Gateways

Check Point VSX Gateways

Check Point Management Servers

#2 New Automation Elements for Secure Gateways

Last year, we developed many new automation elements for Check Point devices. A few highlights:

  • Alert on microburst conditions

The CPU spike detective tool monitors the system CPU usage and checks for spikes. Taking advantage of this new tool, Indeni will alert using the algorithm described in sk166454.

  • Support for SecureXL Fast Accelerator
  • Identity awareness support
    • Identity Collector Server connectivity
    • Alert if Identity Collector events = 0
  • Ensure CPU core load-balancing for VSX firewalls (based on sk169352)
  • Track log rate and alert if it approaches the platform limit
  • RBA (Role-based administration) errors detection – if a device is running without user RBA definition, running CLISH commands will lead to CLINFR errors

#3 More Maestro Support

With an increased number of customers taking advantage of Check Point Maestro Hyperscale Network Security to scale out their security infrastructure, we continued to increase our coverage for Maestro orchestrators and Maestro secure gateways. The automation spans a wide variety of use cases, all with problem avoidance as a primary goal.  

  • In-depth visibility with proactive alerting
  • High availability readiness
  • Security risks identification 
  • Best practices validation
  • Organization standards enforcement 
  • Ongoing maintenance

Last year, we added many new automation elements. A few highlights:

  • Track CPU usage per VS
  • BGP peer down
  • Support for SecureXL Fast Accelerator
  • Ensure threat prevention policy update was successful
  • Check Point Identity Collector server disconnected and alert if no events were detected
  • Dynamic dispatcher settings incorrect for CoreXL load balancing
  • Role-based administration errors detection
  • Missing Web access timeout configuration
  • Multi-queue disabled 
  • CPU microburst conditions detection
  • NTP service is down

#4 Identify the Traffic Causing High CPU Usage

One of the unique capabilities of Indeni is our ability to automatically triage problematic Check Point devices. Once Indeni identifies an issue, it can run its own investigative steps, the same ones that are normally run manually, without any human intervention. The steps can be as simple as gathering additional contextual diagnostics information, or as in-depth as analyzing and performing common troubleshooting tasks. The goal is to speed up resolution time by applying best practice procedures.

We made a major enhancement to the high CPU usage Auto-Triage Element (ATE). If high CPU usage is detected, and that CPU core is associated with a single VS or a single interface, the ATE will execute packet capture. It will extract top talkers to identify traffic directed to the CPU core causing high utilization.
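To illustrate the top-talker step described above, here is an added example (not Indeni's ATE code) that aggregates a capture into flows and ranks them. It assumes the capture is available as `tcpdump -nn -q` style text; the sample lines, function names and flow key are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the style of `tcpdump -nn -q` text output (assumed format).
SAMPLE_CAPTURE = """\
12:00:00.000101 IP 10.1.1.10.51514 > 10.2.2.20.443: tcp 1448
12:00:00.000203 IP 10.1.1.10.51514 > 10.2.2.20.443: tcp 1448
12:00:00.000310 IP 10.2.2.20.443 > 10.1.1.10.51514: tcp 0
12:00:00.000415 IP 10.1.1.11.40000 > 10.2.2.21.53: UDP, length 60
12:00:00.000522 IP 10.1.1.10.51514 > 10.2.2.20.443: tcp 1448
12:00:00.000640 ARP, Request who-has 10.1.1.1 tell 10.1.1.10, length 28
12:00:00.000751 IP 10.1.1.12.33333 > 10.2.2.20.443: tcp 512
"""

FLOW_RE = re.compile(
    r"^\S+ IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"(?P<proto>tcp|UDP),? (?:length )?(?P<len>\d+)"
)

def aggregate(capture_text):
    """Return ({flow: [packets, payload_bytes]}, skipped_line_count)."""
    flows = defaultdict(lambda: [0, 0])
    skipped = 0
    for line in capture_text.splitlines():
        m = FLOW_RE.match(line.strip())
        if not m:
            skipped += 1  # ARP, ICMP, truncated lines: not attributed to a flow
            continue
        # Source port is dropped so ephemeral client ports collapse into one flow.
        key = (m["src"], m["dst"], int(m["dport"]), m["proto"].lower())
        flows[key][0] += 1
        flows[key][1] += int(m["len"])
    return dict(flows), skipped

def top_talkers(capture_text, n=3, by="bytes"):
    """Rank flows by payload bytes (default) or by packet count."""
    flows, _ = aggregate(capture_text)
    idx = 1 if by == "bytes" else 0
    total = sum(v[idx] for v in flows.values()) or 1  # avoid division by zero
    ranked = sorted(flows.items(), key=lambda kv: kv[1][idx], reverse=True)
    return [
        {"flow": k, "packets": v[0], "bytes": v[1], "share": round(v[idx] / total, 3)}
        for k, v in ranked[:n]
    ]

if __name__ == "__main__":
    for row in top_talkers(SAMPLE_CAPTURE):
        print(row)
```

Ranking with `by="packets"` is worth comparing against the byte ranking, since a flow of many small packets can load a core without dominating by volume.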

There you have our top picks for Check Point support in 2023. If you are planning to attend CPX 360 in New York on February the 9th, drop by our booth to talk to us about your Check Point secure gateway needs.