CheckPointOPSEC-ADConfig

Published by Maxim Grabovoy
ArcSight document

Published by: Maxim Grabovoy on Aug 05, 2013
Copyright: Attribution Non-commercial

 
Configuration Guide
SmartConnector™ for Check Point OPSEC NG
December 21, 2012
 
 
Copyright © 2005-2012 Hewlett-Packard Development Company, L.P.

Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.

The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Follow this link to see a complete statement of ArcSight's copyrights, trademarks and acknowledgements: http://www.hpenterprisesecurity.com/copyright.

The network information used in the examples in this document (including IP addresses and hostnames) is for illustration purposes only. This document is confidential.
Revision History

Date        Description
12/21/2012  Removed unnecessary severity mappings from Audit Log mappings.
06/30/2012  Updated "Obtaining SIC" and "Obtaining SIC Entity" names sections; updated Profiler Trace information.
05/15/2012  Added new installation procedure.
08/12/2011  Added support for Check Point R80. Added troubleshooting information regarding LEA Server connection problems.
06/30/2011  End of life for Check Point R55, R60, R61, R62.
03/30/2011  Added support for Check Point R75.
02/15/2011  Updated Security Log mappings and Troubleshooting information.
11/15/2010  Added Security Log mappings for Device Custom IPv6 Address 2 and Device Custom IPv6 Address 3. Updated information regarding executing lea_client under OPSEC debug mode. Updated Source Translated Address mapping.
09/24/2010  Revised connector name; updated configuration information.
08/17/2010  Version update and support for Check Point R71.
06/25/2010  General availability of support for Check Point Endpoint Security events.
 
 
Contents

Product Overview
Configuration
    Overview
    Configure Clear Connection
    Configure sslca or ssl_opsec Connection
        Create a New Application Object
        Obtain the OPSEC SIC Name and OPSEC Entity SIC Name
    Pull the Certificate - sslca and ssl_opsec
        Change the LD_LIBRARY_PATH Variable
    Establish an Authentication Key – ssl_opsec Only
        Change the LD_LIBRARY_PATH Variable
    Configure Provider-1/SiteManager-1 to Accept OPSEC Connections
    Provider-1 Supplemental Information
Install the SmartConnector
Enable FIPS Mode
Run the SmartConnector
Device Event Mapping to ArcSight Fields
Additional Notes
    Verifying Check Point1 Lets the Connector Box Pass Through
    Making Sure to Set Rules to Track Events
    Adapting HF1 or Later HotFix Patches for Check Point FP3
    Making Sure the C/C++ lea_client in UNIX has Adequate Privilege
Troubleshooting
    Check Point OPSEC NG connector fails to connect to LEA Server due to missing dll files needed for lea_client.exe
    When upgrading from a previous version to the current SmartConnector version, the Check Point service stopped running; how can I fix this error?
    How do I resolve the error "./opsec_pull_cert: error while loading shared libraries: libpam.so.0: cannot open shared object file: No such file or directory"?
    Fixing Error: Error while loading shared libraries: libcpc++-libc6.1-2.so.3
    Executing lea_client Under OPSEC Debug Mode
    When the lea_client cannot connect to the lea server
