Configuring the Security Group in Monitor Mode Behind a Proxy Server
If you connect a Proxy Server between the Security Group
A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. in Monitor Mode and the switch, then configure these settings to see Source IP addresses and Source Users in the Security Gateway logs:
|
Step |
Instructions |
|---|---|
|
1 |
On the Proxy Server, configure the "X Forward-For header". See the applicable documentation for your Proxy Server. |
|
2 |
On the Security Group in Monitor Mode, enable the stripping of the X-Forward-For (XFF) field. Follow the sk100223: How to enable stripping of X-Forward-For (XFF) field. |