Check Point Firewall
This pack includes Cortex XSIAM content.
Manage Check Point firewall via API
This pack includes Cortex XSIAM content.
This pack includes Cortex XSIAM content.
You need to configure Check Point to forward Syslog messages in CEF format.
Go to Checkpoint Log Export, and follow the instructions under Basic Deployment to set up the connection using the following guidelines:
In order to use the collector, use the Broker VM option.
To create or configure the Broker VM, use the information described here.
You can configure the specific vendor and product for this instance.
Name | Description |
---|---|
CheckPointDownloadBackup | Deprecated. Use ssh command instead. Downloads the Check Point policy backup to the Cortex XSOAR War Room. |
CheckpointFWCreateBackup | Deprecated. Use ssh command instead. Connect to a Check Point firewall appliance using SSH and trigger a task to create a configuration backup of the device. The user account being used to access the device must be set to use the SSH shell and not the built-in Check Point CLI. For more information, consult the CheckPoint documentation. |
CheckpointFWBackupStatus | Deprecated. Use ssh command instead. Connect to a CheckPoint firewall appliance using SSH and retrieve the status for backup tasks. The user account being used to access the device must be set to use the SSH shell and not the built-in CheckPoint CLI. For more information, consult the CheckPoint documentation. |
Name | Description |
---|---|
Check Point Firewall (Deprecated) | Deprecated. Use the Check Point Firewall v2 integration instead. Manage Check Point firewall via API |
CheckPoint Firewall v2 | Use this integration to read information and send commands to the Check Point Firewall server. |
Name | Description |
---|---|
Checkpoint - Block URL | This playbook blocks URLs using Check Point Firewall through Custom URL Categories. |
Checkpoint - Publish&Install configuration | Publish the Check Point Firewall configuration and install policy on all available gateways. |
Checkpoint - Block IP - Append Group | The playbook receives malicious IP addresses as inputs, checks if the object group exists (if not, the object group is created), and appends the related IPs to that object. If you have not assigned the appended group to a rule in your firewall policy, you can use |
Checkpoint - Block IP - Custom Block Rule | This playbook blocks IP addresses using Custom Block Rules in Check Point Firewall. |
Name | Description |
---|---|
CheckPointDownloadBackup | Deprecated. Use ssh command instead. Downloads the Check Point policy backup to the Cortex XSIAM War Room. |
CheckpointFWBackupStatus | Deprecated. Use ssh command instead. Connect to a CheckPoint firewall appliance using SSH and retrieve the status for backup tasks. The user account being used to access the device must be set to use the SSH shell and not the built-in CheckPoint CLI. For more information, consult the CheckPoint documentation. |
CheckpointFWCreateBackup | Deprecated. Use ssh command instead. Connect to a Check Point firewall appliance using SSH and trigger a task to create a configuration backup of the device. The user account being used to access the device must be set to use the SSH shell and not the built-in Check Point CLI. For more information, consult the CheckPoint documentation. |
Name | Description |
---|---|
CheckPoint Firewall v2 | Use this integration to read information and send commands to the Check Point Firewall server. |
Check Point Firewall (Deprecated) | Deprecated. Use the Check Point Firewall v2 integration instead. Manage Check Point firewall via API |
Name | Description |
---|---|
CheckPoint Firewall Collection |
Name | Description |
---|---|
Checkpoint - Block URL | This playbook blocks URLs using Check Point Firewall through Custom URL Categories. |
Checkpoint - Publish&Install configuration | Publish the Check Point Firewall configuration and install policy on all available gateways. |
Checkpoint - Block IP - Append Group | The playbook receives malicious IP addresses as inputs, checks if the object group exists (if not, the object group is created), and appends the related IPs to that object. If you have not assigned the appended group to a rule in your firewall policy, you can use |
Checkpoint - Block IP - Custom Block Rule | This playbook blocks IP addresses using Custom Block Rules in Check Point Firewall. |
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Common Playbooks | By: Cortex XSOAR |
Common Scripts | By: Cortex XSOAR |
Remote Access | By: Cortex XSOAR |
Pack Name | Pack By |
---|
Pack Name | Pack By |
---|---|
Cortex REST API | By: Cortex XSOAR |
Filters And Transformers | By: Cortex XSOAR |
Common Scripts | By: Cortex XSOAR |
Remote Access | By: Cortex XSOAR |
Common Playbooks | By: Cortex XSOAR |
Rasterize | By: Cortex XSOAR |
Base | By: Cortex XSOAR |
** CheckPoint Firewall v2**
Added 5 commands that handle threat protections and threat profiles:
Certification | Certified | Read more |
Supported By | Cortex | |
Created | September 23, 2020 | |
Last Release | November 28, 2024 |