Setting up SNMP Monitoring on an NDR Sensor

This section describes how to set up SNMP monitoring on an NDR Network Detection and Response Sensor.

Step 1: Enable SNMP Monitoring in the NDR System

SNMP Monitoring must be enabled in the NDR system. To enable this feature, submit a request to the NDR team: ndr@checkpoint.com.

Step 2: Configure Gaia SNMP

To enable and configure SNMP, follow the procedure used for any Check Point Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. device (see the R81.20 Gaia Administration Guide for instructions).

Step 3: Configure a Static Route

To enable communication between the NDR Sensor and the NMS Server, create a static route.

1. To create a static route using Gaia portal or CLI, run this command:

   set static-route <nms_server_ip>/32 nexthop gateway address <gateway_ip> on

2. To apply the new static route, restart the Sensor’s connection to the NDR Cloud with this command:

   vg cloud_disconnect

Step 4: Configure a Dynamic Object to allow SNMP traffic

The NDR Sensor uses an "SNMPSource" Dynamic Object Special object type, whose IP address is not known in advance. The Security Gateway resolves the IP address of this object in real time. for communication with the NMS server.

To create the "SNMPSource" Dynamic Object, run this command:

dynamic_objects -n SNMPSource -r <nms_server_ip> <nms_server_ip> -a

Note - The "-r" option accepts a range of IP Internet Protocol addresses, so it is necessary to specify the IP address twice in the command.