Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Integration with a Nokia Firewall by Using OPSEC

JSA can accept Check Point FireWall-1 events from Nokia Firewalls using the Check Point FireWall-1 DSM configured using the OPSEC/LEA protocol.

Before you configure JSA to integrate with a Nokia Firewall device, you must:

  1. Configure Nokia Firewall using OPSEC, see Configuring a Nokia Firewall for OPSEC.

  2. Configure a log source in JSA for your Nokia Firewall using the OPSEC LEA protocol, see OPSEC/LEA Log Source Parameters for Nokia Firewall.

Configuring a Nokia Firewall for OPSEC

You can configure Nokia Firewall by using OPSEC.

  1. To create a host object for your JSA, open up the Check Point SmartDashboard GUI, and select Manage >Network Objects >New >Node >Host.

  2. Type the Name, IP address, and an optional comment for your JSA.

  3. Click OK.

  4. Select Close.

  5. To create the OPSEC connection, select Manage >Servers and OPSEC Applications >New >OPSEC Application Properties.

  6. Type the Name and an optional comment.

    The name that you type must be different from the name in Step 2.

  7. From the Host drop-down menu, select the JSA host object that you created.

  8. From Application Properties, select User Defined as the Vendor Type.

  9. From Client Entries, select LEA.

  10. Select OK and then select Close.

  11. To install the policy on your firewall, select Policy >Install >OK.

    For more information on policies, see your vendor documentation. You can now configure a log source for your Nokia Firewall in JSA.

OPSEC/LEA Log Source Parameters for Nokia Firewall

If JSA does not automatically detect the log source, add a Nokia Firewall log source on the JSA Console by using the OPSEC/LEA protocol.

When using the OPSEC/LEA protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect OPSEC/LEA events from Nokia Firewall:

Table 1: OPSEC/LEA Log Source Parameters for the Nokia Firewall DSM

Parameter

Value

Log Source type

Check Point FireWall-1

Protocol Configuration

OPSEC/LEA

Log Source Identifier

Type an IP address, host name, or name to identify the event source. IP addresses or host names are better because they enable JSA to match a log file to a unique event source.