SecureXL Disabled-checkpoint-all
Vendor: checkpoint
OS: all
Description:
If SecureXL is disabled, that means none of incoming traffic will go through an accelerated path. Indeni will alert as a result.
Remediation Steps:
Run “fwaccel stat” for more information and root cause.
chkp-fw-accel-stat-vsx
name: chkp-fw-accel-stat-vsx
description: Get securexl status information
type: monitoring
monitoring_interval: 5 minutes
requires:
vendor: checkpoint
role-firewall: 'true'
vsx: 'true'
comments:
securexl-status:
why: |
To check the status of the SecureXL mechanism. SecureXL not fucntioning can have adverse effect on perfromance
of the gateway
how: |
By running the command "fwaccel stat" the status of secureXL can be retrived
can-with-snmp: false
can-with-syslog: false
securexl-disabled-from-rule:
why: |
To check the status of the SecureXL mechanism and also check if the SecureXL not fucntioning from a
specific rule.
how: |
By running the command "fwaccel stat" the status of secureXL can be retrived and can be checked from which Rule
it is disabled.
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
file: fwaccel-stat-vsx.remote.1.bash
parse:
type: AWK
file: fwaccel-stat-vsx.parser.1.awk
CheckPointSecureXLDisabledNoVsxRule
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/CheckPointSecureXLDisabledNoVsxRule.scala