Configuring SNMP Monitoring Thresholds

Configure the SNMP monitoring thresholds in the command line of the Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server.. When you install the policy on the Security Gateways. the SNMP monitoring thresholds are applied globally to these Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources..

Configuring SNMP thresholds on a Multi-Domain Server

In a Multi-Domain Security Management environment, you can configure thresholds on the Multi-Domain ServerClosed Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS. and on each individual Domain Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server..

Thresholds that you configure on the Multi-Domain Server lkevel are for the Multi-Domain Server only.

Thresholds that you configure for a Domain Management Server are for that Domain Management Server and its managed Security Gateways. If a threshold applies to the Multi-Domain Server and the Security Gateways managed by the Domain Management Server, set it on the Multi-Domain Server and Domain Management Server. But in this situation you can only get alerts from the Multi-Domain Server if the threshold passed.

For example, because the Multi-Domain Server and Domain Management Server are on the same machine, if the CPU threshold is passed, it applies to both of them. But only the Multi-Domain Server generates alerts.

You can see the Multi-Domain Security Management level for each threshold with the "threshold_config" command.

  • If the Multi-Domain Security Management level for a threshold is Multi-Domain Server:

    Alerts are generated for the Multi-Domain Server when the threshold point is passed.

  • If the Multi-Domain Security Management level for a threshold is Multi-Domain Server and Domain Management Server:

    Alerts are generated for the Multi-Domain Server and Domain Management Servers separately when the threshold point is passed.

Configuring a SNMP thresholds on Security Gateways

You can configure SNMP thresholds locally on a Security Gateway with the same procedure that you do on a Security Management Server. But each time you install a policy on the Security Gateway, the local settings are erased and it reverts to the global SNMP threshold settings.

You can use the "threshold_config" command to save the configuration file and load it again later.

The configuration file that you can back up is: $FWDIR/conf/thresholds.conf

 

For more information about the "threshold_config" command, see the R80.40 CLI Reference Guide.