Check Point Devices

A Check Point CMA or MDS must be onboarded before adding any Check Point device, including Edge, Firewall, Log Server, and VSX. Once the CMA or MDS is onboarded, all associated Check Point devices are automatically discovered.

After a device is discovered by its management station, it will appear in Devices > Devices > All Devices.

Be aware that changes made directly to a managed device may override the settings defined at the management station level. Use caution when modifying device settings.

There is a known issue with Check Point devices: when the monitoring method is changed at the management station level, that change is not automatically applied to discovered devices. The monitoring method must be updated manually on each affected device.

To verify the correct Change Monitoring is set for a managed Check Point device, follow these steps:

  1. On the toolbar, click Device > Devices and click the Check Point device name in the All Devices list.

  2. Scroll to and expand the Monitoring section.

  3. Verify that the Enable Change Monitoring checkbox is selected.

  4. Verify that either LEA audit logs or SYSLOG is set as the Change Monitoring Method to match what is being used by the Check Point Management Station that is managing this device.