I have a question regarding Checkpoint Customer Log
Module (CLM). The CLM that I am referring to is a
stand-alone log server and it is NOT part of Provider-1
MLM. I know exactly the differences between the two.
Here is my question:
I have Provider-1 NGx R61 with HFA_01 and a couple of
CMAs in this P-1. One of the customers that I manage
from one of the CMAs in the P-1 decides to have his own
standalone log server (NGx R61 with HFA_01). That's fine.
I can have the firewall send logs to both the CMA and
the standalone log server. This standalone log server
is running RedHat Enterprise Linux with NGx R61 HFA_01.
The problem is that not only the customer can view the log
via SmartView Tracker, they can also view the Security
Policy from the SmartDashboard (in read only mode) on that
Standalone log server (CLM) box. How the heck is this
supposed to happen? I thought the standalone log server
is supposed to let users see logs in real-time, NOT the
security policy. How does it happen? More importantly,
how can I prevent it from happening? In other words,
I do not want users who have access to the log server
to be able to view the policy. Keep in mind that the log
server itself has its own user account database so I can
NOT push user accounts from the MDS to it because
it is a stand-alone log server and NOT part of Provider-1
MLM.
The second question I have is that when I am running
NGx R61 with HFA_01 standalone server (CLM) on RedHat
Enterprise Linux, I can create a lot of users via the
command line "fwm -a xxx"; however, when I have the
standalone log server running on either Nokia appliances
or SecurePlatform, the command "fwm -a xxx" does NOT work.
Why is there a discrepancy?
Really appreciate everyone's assistance here.
cisco4ng