Security Customer Support Site

 

Enterprise Security user interface

 

Download and install the CheckPoint SmartConsole Rxx.zz GUI firewall rule set and log reporting application from https://partnergate.sonera.com/enterprisesecurity.html. Behind the link you will also find the installation instructions under “Rule and tracking applications installation instructions.”

 

Log-in and use of the user interface view

 

After the installation is complete, you can log into the real-time view of the SmartView Tracker application.

 

Enter the IP address of the SmartView Tracker server and the username and password you got in connection with the delivery into the SmartView Tracker login window. The IP address of the SmartView Tracker user interface can also be found in the connection details listed in SurfManager.

 

Figure. SmartView Tracker login.

 

The overview appears.

 

Figure. Overview of the tracking application.

 

The options listed on the left are links to the log data of different services (firewall, application and bandwidth management, etc.).  The services are listed in a table. Click on a service to see the log data viewing instructions.

 

1 Firewall 2

2 Application and bandwidth management and web filtering. 4

3 Antivirus, botnet protection and advanced threat protection. 6

4 Intrusion prevention. 8

5 User awareness. 10

6 LAN-to-LAN VPN.. 12

 

1 Firewall

 

To access firewall logs, click on Firewall Blade and Firewall.

 

Figure. Firewall log entry view

 

Double-click on a log line to view the log in more detail.

 

Figure. Log details.

 

Left-click on a field, for example the Source field, to create a filter for that field.

 

Figure. Log details.

 

Select Edit Filter and enter the detail you are interested in into the Specific field and click on Add or select an object in the object window. Click on OK in the window shown below to see all traffic from 10.111.254.11. Repeat the procedure for any fields you want to see the details of. To remove a filter, select the field and click on Clear Filter.

 

Figure. How to select a specific record.

 

Return to the service selection table

 

2 Application and bandwidth management and web filtering

 

Logs on application and bandwidth management and web filtering can be viewed by selecting Application and URL filtering -> All, or the specific details you wish to see (for example High Risk).

 

Figure. How to view application and bandwidth management and web filtering log data.

 

Double-click on a log line to view the log in more detail.

 

Figure. Detailed content of an application and bandwidth log line.

 

Right-click on the Source field, for example, to create a filter for the field.

 

Figure. Log details.

 

Select Edit Filter and enter the detail you are interested in into the Specific field and click on Add or select an object in the object window. Press OK to list all traffic related to HR_Partners. Repeat the procedure for any fields you want to see the details of. To remove a filter, select the field and click on Clear Filter.

 

Figure. How to select a specific record.

 

Return to the service selection table

 

3 Antivirus, botnet protection and advanced threat protection

 

To view all logs related to the antivirus, botnet protection and advanced threat protection functions, go to Threat Prevention -> All, or do a more limited search by selecting, for example, Most Important.

 

Figure. How to view antivirus, botnet protection and advanced threat protection log data

 

Double-click on a log line to view the log in more detail.

 

Figure. Log details.

 

Right-click on the Protection Type field, for example, to create a filter for the field.

 

Figure. Log details.

 

Select the type(s) of protection of your choice for closer viewing and click on OK. Repeat the procedure for any fields you want to see the details of. To remove a filter, select the field and click on Clear Filter.

 

Figure. How to select a specific protection type filter.

 

Return to the service selection table

 

a4 Intrusion prevention

 

To view intrusion prevention logs, select IPS Blade ŕ All or the details you are interested in (Most Important, etc.).

 

Figure. General and detailed view of intrusion prevention logs

 

Double-click on a log line to view the log in more detail.

 

Figure. Log details.

 

Right-click on the Source field, for example, to create a filter for the field.

 

Figure. Log details.

 

Select Edit Filter and enter the detail you are interested in into the Specific field and click on Add or select an object in the object window. Click on OK in the window shown below to see all traffic from 4.0.0.1. Repeat the procedure for any fields you want to see the details of. To remove a filter, select the field and click on Clear Filter.

 

Figure. How to select a specific record.

 

Return to the service selection table

 

5 User awareness

 

To view user identification logs, select Identity Awareness Blade -> All.

 

Figure. How to view user awareness logs.

 

Double-click on a log line to view the log in more detail.

 

Figure. Log details.

 

Right-click on the Source field, for example, to create a filter for the field.

 

Figure. Log details.

 

Select Edit Filter and enter the detail you are interested in into the Specific field and click on Add or select an object in the object window. Click on OK in the window shown below to see all traffic from the device CitrixWI. Repeat the procedure for any fields you want to see the details of. To remove a filter, select the field and click on Clear Filter.

 

Figure. How to select a specific record.

 

Return to the service selection table

 

6 LAN-to-LAN VPN

 

To view LAN-to-LAN VPN logs, select IPsec VPN Blade -> VPN.

 

Figure. How to view LAN-to-LAN VPN logs.

 

Double-click on a log line to view the log in more detail.

 

Figure. Log details.

 

Right-click on the Action field, for example, to create a filter for that field.

 

Figure. Log details.

 

Select an action to view its details and click on OK. Repeat the procedure for any log fields you want to see the details of. Repeat the procedure for any fields you want to see the details of. To remove a filter, select the field and click on Clear Filter.

 

Figure. How to select a specific action.

 

Return to the service selection table