Deployment
User Permissions and Connection Requirements
| Category | Description |
|---|---|
| User Permissions | The addon requires the creation of a dedicated user with administrative privileges within your Check Point environment. |
| Adapter to Check Point | Each adapter should be connected to a single Check Point appliance for optimal performance and management. |
| Cloud Proxy to Check Point | Ensure a stable connection between the selected Cloud Proxy and the Check Point appliance using the HTTPS protocol on port 443. |
| Cloud Proxy to Registry | A reliable connection between the Cloud Proxy and registry.indevops.com is required, accessible via port 443. |
Installing addon
Pre-pull adapter's container image
Adapter's container must be pre-pulled on cloud proxy instances.
- SSH as
rootto cloud-proxies belonging to the collector group where adapter is to be run. - Login to docker registry using
docker login registry.indevops.com.- Use Harbor robot account designated for that deployment - provided by
INDEVOPS.
- Use Harbor robot account designated for that deployment - provided by
- Pull container image using
docker pull <IMAGE NAME>.- Image name can be found on release page for a given version of the addon.
Install PAK file
- Download PAK file for version matching the pre-pulled adapter container image.
- PAK file can be found on release page for a given version of the addon.
- Login to VMware Aria Operations and go to 'Data Sources > Integrations > Repository > Add' and upload the PAK file, selecting both:
Install the PAK file even if it is already installedIgnore the PAK file signature checking
- Install the addon.
Configure Adapter
- Go to Administration > Integrations > Repository
Use filteron the right to putINDEVOPSClick onbrick withCheck Point
- Use button
ADD ACCOUNT - Fill the fields
Adapter fields
| Field Name | Definition |
|---|---|
| Name | A unique identifier or label for the adapter. |
| Description | A brief description of the adapter's purpose or function. |
| API Host | Hostname or IP address of the Checkpoint Infrastructure API. |
| Credentials | Authentication details username/password. |
| Collector / Group | The collector or group managing data collection. Must be set to cloud proxy where adapter's container image is pre-pulled. |
| API Port | Port of the Checkpoint Infrastructure API. |
| Skip TLS Certificate Validation (Insecure) | Flag to skip TLS/SSL certificate validation. Accepts true or false. |
| Custom Device Interfaces | An optional list of Checkpoint device names and their custom interface IP addresses provided in JSON array format. |
| Adapter Memory Limit (MB) | Maximum memory (in MB) the adapter can use. |
| Log Level | Logging detail level: Debug for detailed logging, Normal for standard logs, Trace for extensive tracing. |