Packet drop counters increasing-checkpoint-all
Vendor: checkpoint
OS: all
Description:
indeni will track packet drop counters and alert if any important counters are incrementing.
Remediation Steps:
Contact your technical support provider.
How does this work?
indeni uses the built-in Check Point “asg_drop_monitor” command to retreive the number of drops.
Why is this important?
A large increase in dropped packets could mean that a new rule is blocking legitimate traffic, or that some traffic need a firewall rule to be allowed out.
Without Indeni how would you find this?
An administrator could login and manually run the command.
chkp-asg-drop-monitor
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/checkpoint/asg/asg-drop-monitor/asg-drop-monitor.ind.yaml
cross_vendor_packet_drops
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_packet_drops.scala