Skip to main content

Integrations

Check Point Firewall Rule Writing Overview

Firewall Insights provides agentless visibility across data centers and clouds by enriching firewall logs with policy data, asset information, and risk assessments. It supports all Insights widgets without requiring additional agents or applications. For complete policy context, you can optionally connect the API. These integrations are currently supported: Check Point, Palo Alto Networks, and Fortinet.

Visibility and Policy Enforcement with Firewalls

  • Connect to CheckPoint and Fortinet firewalls

    APIs are used to sync the list of firewalls and firewall policies. Firewall logs are imported through syslog.

  • Export Illumio labels to firewalls

    Continuously sync labels and label to IP mapping to firewalls and enable label based rules in firewalls.

  • View firewall traffic on the Unified Map

    Firewall traffic logs are aggregated as traffic in the Unified Map.

  • Write automated firewall rules

    Illumio writes firewall rules upon policy provision. Single and multiple labels are supported for source and destination.

Firewall Integration User Flow

Step 1: Download the Illumio Firewall Orchestrator

As an administrator, enable the API connector and install the downloaded firewall orchestrator on-premises.

Note

Only one orchestrator is permitted for each firewall management server.

Result: Connection is Initiated with the Illumio Connector

The firewall orchestrator initiates a connection with the Illumio common connector, allowing on-premises deployment with no changes to your existing firewall policies.

Step 2: Forward firewall flow logs to Illumio

As an administrator, configure the firewall management server to forward firewall flow logs to Illumio.

Step 3: Configure the firewall management server to fetch labels

As an administrator, configure the firewall management server to fetch Illumio labels and labels to IP mappings, and then create firewall objects.

Firewall Orchestrator Post Configuration Actions

As a result of configuring the firewall orchestrator, policy updates are calculated and applied to the appropriate firewalls.

Policy Update Calculated

Whenever a policy is provisioned, Illumio calculates the policy update and identifies the firewalls impacted by this policy. It then pushes these updates to the relevant firewall orchestrator.

Firewall Rules Programmed to Each Management Server

The firewall orchestrator sends firewall rules to each management server, which then deploys the policy to the appropriate firewalls.