Integrations

All Check Point clients must enable the Check Point Log Exporter feature to allow logs to be forwarded from the gateway or log server. Set the log format for the Check Point Log Exporter to Common Event Format (CEF) and aggregate all logs to the Check Point Management Server. Configure each Security Gateway to forward its logs to the Check Point Management Server so that it can process them. Doing so makes sure that the Illumio application receives a unified and complete view of Check Point data and confirms that the Check Point Management Server acts as a central point for sending logs to the Illumio application.

See Log Exporter and Configuring the Security Management Server and Security Gateways.

To onboard Check Point, you must have access to the Check Point Management Server CLI in Expert Mode.

You must enable mTLS between the Check Point Management Server and the Illumio syslog server to secure log transmission. The Illumio and Check Point integration uses mTLS secure connectivity. When you onboard, you will generate a client certificate that Illumio will sign and return to you.

To ensure that Illumio associates each log to the correct tenant, the onboarding process injects the Tenant ID value into the CEF logs using an automated script.

Activate Remote API Access. See Enable Remote API Access in Check Point.

Create a Security Management API Key. See Create an API Key for Quantum Security Management.

Create an administrator type user with read only, read and write, or super user permissions to allow Illumio to make API calls. See Create an Administrator User to Make API Calls.

Integrate the Check Point SmartConsole with the Check Point Infinity Portal.