Monitoring Traffic and Connections

In This Section:

SmartView Monitor Features

To Start the Monitoring Views

Immediate Actions

Deploying Monitoring

Monitoring and Handling Alerts

Monitoring Suspicious Activity Rules

How SmartView Monitor Works

Configuring SmartView Monitor

Monitoring Gateway Status

Monitoring Tunnels

Monitoring Traffic or System Counters

Monitoring Users

Cooperative Enforcement Solution

SmartView Monitor gives you a complete picture of network and security performance. Use it to respond quickly and efficiently to changes in gateways, tunnels, remote users and traffic flow patterns or security activities.

SmartView Monitor is a high-performance network and security analysis system. This system helps you to establish work habits based on learned system resource patterns. Based on Check Point Security Management Architecture, SmartView Monitor provides a single, central interface to monitor network activity and the performance of Check Point Software Blades.

SmartView Monitor Features

SmartView Monitor allows administrators to easily configure and monitor different aspects of network activities. You can see graphical views from an integrated, intuitive interface.

Defined views include the most frequently used traffic, counter, tunnel, gateway, and remote user information. For example, Check Point System Counters collect information on the status and activities of Check Point products (for example, VPN or NAT). With custom or defined views, administrators can drill down into the status of a specified gateway and/or a segment of traffic. That way, administrators can identify the top bandwidth hosts that can influence network performance. If suspicious activity is detected, administrators can immediately apply a Firewall rule to the applicable Security Gateway to block that activity. These Firewall rules can be created dynamically through the graphical interface and be set to expire in a specified time period.

You can generate real-time and historical graphical reports of monitored events. This provides a comprehensive view of gateways, tunnels, remote users, network, security, and performance over time.

The monitoring views show real-time and historical graphical views of:

In SmartView Monitor you can create customized monitoring views.

SmartView Monitor scenarios

Examples of scenarios for which SmartView Monitor can help:

To Start the Monitoring Views

To open the monitoring views in SmartConsole:

  1. From the Gateways & Servers view, select a Gateway.
  2. Click Monitor.

To open SmartView Monitor:

  1. Open SmartConsole > Logs & Monitor.
  2. Open the catalog (new tab).
  3. Click Tunnel & User Monitoring.

Immediate Actions

If the status shows an issue, you can act on that network object.

For example:

Deploying Monitoring

To monitor a Gateway in the Logs & Monitor view of SmartConsole, or in SmartView Monitor:

No other deployment steps are necessary.

Monitoring and Handling Alerts

Alerts provide real-time information about possible security threats, and how to avoid, minimize, or recover from the damage. The administrator can define alerts to be sent for different gateways and for certain policies or properties.

The gateways send alerts to the Security Management Server. The Security Management Server forwards these alerts to SmartView Monitor. By default, an alert is sent as a pop-up message to the administrator's desktop when a new alert arrives at SmartView Monitor.

You can set global alert parameters for all gateways in the system, or specify an action to send an alert for a particular gateway.

Alerts are sent when:

System Alerts are sent for predefined system events or for important situation updates. For example, if free disk space is less than 10%, or if a security policy is changed. System Alerts can also be defined for each product. For example, you can define System Alerts for Unified Package and other System Alerts for Check Point QoS.

Viewing Alerts

Alert commands are set on the SmartConsole > Global Properties > Log and Alert > Alerts page. The Alerts in this window apply only to Security Gateways.

To see alerts:

  1. Click the Alerts icon in the toolbar.

    The Alerts window opens.

  2. Set alert attributes and delete shown alerts.

System Alert Monitoring Mechanism

The Check Point Security Management Server System Alert monitoring mechanism uses the defined System Alert thresholds. If a threshold is reached, it activates the defined action.

To activate System Alert monitoring:

Go to Tools > Start System Alert Daemon.

To stop the System Alert monitoring:

Go to Tools > Stop System Alert Daemon.