Comment List
  • R80.10 support is now available with the Check Point Syslog connector.  This version support will not be added to the Check Point OPSEC NG connector, for which support will be ending in 2018 (Check Point does not support 64-bit platforms for Check Point OPSEC and at some point in 2018, only 64-bit support will be provided for connectors).

  • "No, R80 support is not yet available."
    When expected?
  • No, R80 support is not yet available.

  • Hi All,

    Is the latest Checkpoint version R80.10 is supported by ArcSight smart connector..?

  • The reference should have been to "Pull the Certificate -- sslca", not "Pull the Certificate -- sslca and ssl_opsec". We have update the configuration guide, which will be available with next release.  The certificate doesn't need to be pulled for ssl_opsec.  Sorry for the confusion.


  • Page 20, Step 3.  Directions A, B, C, and D.  "C Go to "Pull the Certificate – sslca and ssl_opsec" and follow the procedure documented. Then continue with step 3E."  This does not exist.  Pull Certificate - sslca does but not for ssl_opsec.  If we are suppose to do the same whither you use sslca or ssl_opsec, it would be nice if that were clarified.  Then also state on step C for SSL_OPSEC that one needs to do Step D as well.

    Am I missing something?

  • Anti Malware fields are not populated as this pdf tells:

    Device Custom String 1 malware_rule_name
    Device Custom String 2 Protection Type
    Device Custom String 3 protection_id
    Device Custom String 4 Protection Name  (FAIL... this is RULE UID)
    Device Custom String 6 scan direction (FAIL, this is Policy name)

    Any info about New Anti Virus mappings?

    Custom string 4 has rule uid... (?)

    Custom String 6 has policy name...(?)

  • You can find out changes to any configuration guide by referring to the Revision on page 2.  For this update:

    Added support for Identity Awareness events in R77. Added information about installing the PAM package for connectors running on CentOS 6.5, 6.6, 7.0 or 7.1 and RHEL OS 6.5 or 7.0.

  • Hi Ingrid,

    What changes has been made on the document ?



  • The CheckPoint connector configuration guide has been modified and now, the correct mapping information is populated:

    Destination Service Name= One of (service, Service_name, app_Name, service_id)



Related Discussions