In This Section: |
The Home > System page shows an overview of the Check Point Appliance.
The Check Point Appliance requires only minimal user input of basic configuration elements, such as IP addresses, routing information, and blade configuration. The initial configuration of the Check Point Appliance can be done through a First Time Configuration Wizard. When initial configuration is completed, every entry that uses http://my.firewall shows the WebUI Home > System page.
If applicable, click the links to configure Internet and Wireless options.
The Home > Security Dashboard page shows you the active blades and lets you quickly navigate to the blade configuration page.
It also gives you:
The software blades are shown in these groups on this page based on where they are configured in the WebUI:
You can click the tab name link or software blade link to access the tab for further configuration.
To turn a software blade on or off:
Slide the lever of the specified blade to the necessary ON or OFF position. When you turn off the Firewall blade, click Yes in the confirmation message.
Note - Software blades that are managed by Cloud Services show a lock icon. You cannot toggle between on and off states. If you change other policy settings, the change is temporary. Any changes made locally are overridden in the next synchronization between the gateway and Cloud Services.
To see or edit setting information:
The blade settings window opens.
To view statistics:
The blade statistics window opens.
To view an alert:
On the Home > Cloud Services page, you can connect the appliance to Cloud Services. The Cloud Services Provider uses a Web-based application to manage, configure, and monitor your appliance.
To connect the appliance to Cloud Services:
A window opens and shows the activation details sent in the email.
If the appliance is connected to a different Cloud Services Provider, you are asked if you want to continue.
Alternatively, follow the connection procedure below.
When you successfully connect, a security policy and other settings are pushed to the appliance. The settings defined by Cloud Services contain your activated blades, security policy, and service settings.
After Cloud Services are turned on, these identification details are shown in the WebUI:
These are the sections on this page:
Remotely managed blade pages show a lock icon. You cannot toggle between the on and off states. If you change other policy settings, the change is temporary. Any changes made locally are overridden in the next synchronization between the gateway and Cloud Services.
If no blades are remotely managed, all of the blades icons are gray.
These are the available services:
Before you can connect to Cloud Services, make sure you have:
Or
Workflow to connect to Cloud Services:
Make sure the gateway registration information is correct.
When you connect for the first time, the appliance must verify the certificate of the Cloud Services Provider against its trusted Certificate Authority list. If verification fails, you get a notification message. You can stop or ignore the verification message and continue.
To connect to Cloud Services:
The Configure Cloud Services window opens.
The Check Point Appliance tries to connect to the Cloud Services Provider. The Cloud Services section shows a progress indicator and shows the connection steps.
Note - If you see a message that the identity of your Cloud Services Provider cannot be verified but you are sure of its identification, click Resolve and then Ignore and reconnect.
When connectivity is established, the Cloud Services section at the top of the page shows:
A Cloud Services Server widget is shown on the status bar and shows Connected. If you click this widget, the Cloud Services page opens.
To test connectivity to the cloud service:
test cloud-connectivity
<service-center-addr> addr
To get an updated security policy, activated blades, and service settings:
Click Fetch now.
The Check Point Appliance gets the latest policy, activated blades, and service settings from Cloud Services.
The Home > License page shows the license state for the software blades. From this page, the appliance can connect to the Check Point User Center with its credentials to pull the license information and activate the appliance.
In most cases, you must first register the appliance in your Check Point User Center account or create one if you don't already have one. A User Center account is necessary to receive support and updates.
If you have Internet connectivity configured:
You are notified that you successfully activated the appliance license.
If you were not able to activate the license, it may be because:
Or
If there is a proxy between your appliance and the Internet, you must configure the proxy details before you can activate your license.
To configure the proxy details:
If your appliance is not registered:
You are notified that you successfully activated the appliance license.
After initial activation, the Activate License button shows as Reactivate. If you make changes to your license, click Reactivate to get the updated license information.
If you are offline while configuring the appliance:
The Import Activation File window opens.
The activation process starts.
The Home > Site Map page shows a site map of the WebUI. It shows all of the tabs and the pages they contain.
Click the link to any page directly from the Site Map page.
The Active Devices page shows a list of the devices identified in internal networks. The information includes:
Note - If a host has both IPv4 and IPv6 addresses, there will be a single entry in the table.
Manage the display:
When you select this option, the New Network Object window or New Server Wizard opens. Enter the information in the fields and click Apply. Use these objects to reserve IP addresses to MAC addresses in the DHCP server and also add this object name as a host in the local DNS service. Network objects and server objects can be used in the security configurations, for example in the Access Policy and IPS exceptions.
A server object also allows you to configure access and NAT if applicable as part of the object. If access and/or NAT are configured, automatic access rules are created in the Access Policy Rule Base.
This operation may affect performance.
To stop, click Stop Traffic Monitoring.
The display shows the devices connected to the gateway through a Hotspot. You can revoke the Hotspot access for one or more devices. This disconnects the device from the gateway and requires the device to log in again through the Hotspot.
To revoke the Hotspot access:
The access for that device is revoked. You must log in again through the Hotspot to reconnect the device to the gateway.
Note - If there is no IPv6 activity in a dual stack host, the Active devices do not show the IPv6 address.
Note - This page is available from the Home and Logs & Monitoring tabs.
The Monitoring page shows network, security, and troubleshooting information. When you enter this page, the latest data shows. You can click Refresh to update information. To see a sample monitoring report, click Demo. To close the sample reports, click Back.
The number of current connections in the system is shown for VPN Tunnels, Active Devices, and Connections. You can click the links to open the corresponding WebUI pages.
The Monitoring page is divided into these sections:
To expand or collapse the sections, click the arrow icon in the section's title bar.
Network
By default, network statistics are shown for the last hour. You can also see statistics for the last day. Select the applicable option Last hour or Last day from the Network section's title bar.
The data is automatically refreshed for the time period:
Last hour - At one minute intervals. For example, if you generate a report at 10:15:45 AM, the report represents data from 9:15 to 10:15 AM.
Last day - At hourly intervals. For example, if you generate a report at 10:15 AM, the report represents data from the last 24 hours ending at 10:00 AM of the current day.
If you hover over a time interval, a popup box shows:
Security
You can click All Infected Hosts to open the Logs & Monitoring > Infected Hosts page.
You can click Applications Blade Control to open the Access Policy > Firewall Blade Control page to see Applications and URL Filtering settings.
You can click the links to open the Threat Prevention > Blade Control page.
Troubleshooting
Note - This page is available from the Home and Logs & Monitoring tabs.
The Reports page shows network analysis, security analysis, and infected hosts reports by a selected time frame (monthly, weekly, daily, and hourly).
These elements influence the times shown in reports:
Rounding Off of Time
The times shown in generated reports are rounded down:
System Reboot
In the first 24 hour cycle after an appliance starts up (after installation or an update), the system adds one more time interval to the delta of the next applicable report interval.
For example, for weekly reports that are generated at pair hour intervals, the appliance requires 1 more hours plus the delta for the first applicable pair hour.
After you start up an appliance, reports are generated:
Note - Only the last generated report for each report type is saved in the appliance. When you generate a new report, you override the last saved report for the specified type.
To generate a report:
Click the applicable time frame link at the top of the page (Monthly, Weekly, Daily or Hourly).
The line below the links shows the selected report and its time frame. To refresh the data shown, click Generate.
The report includes these sections:
Executive Summary
The first page of the report is the executive summary and shows:
Table of Contents
The table of contents contains links to the network analysis, security analysis, and infected hosts reports. Click a link to go directly to the selected section.
Report Pages
Each report page shows a detailed graph, table, and descriptions.
Note - This page is available from the Home and Logs & Monitoring tabs.
On the Tools page you can:
To monitor system resources:
To show the routing table:
To verify the appliance connectivity to Cloud Services:
Click Test Cloud Services Ports.
The Cloud Services Ports Test window opens and shows the available ports and their state.
To display DSL statistics:
Click DSL Statistics. A window opens and shows the statistic parameters.
To generate a CPInfo file:
To ping or trace an IP address:
To perform a DNS lookup:
To capture packets:
If a packet capture file exists, a note shows the date of the file and you can download it before you start a new packet capture that overwrites the existing file.
You can activate packet capture and go to other WebUI application pages while the packet capture runs in the background. However, the packet capture stops automatically if the WebUI session ends. Make sure you return to the packet capture page, stop and download the capture result before you end the WebUI session.
Note - The capture utility uses tcpdump. "fw monitor" is available through the command line interface.
When the mini-USB is used as a console connector, Windows does not automatically detect and download the driver needed for serial communication. You must manually install the driver. For more information, see sk111713.
To download the Windows driver for Mini-USB console socket:
Click the Download link.
Note - This page is available from the Home, Device, and Logs & Monitoring tabs.