Administration Guide

Integrate with Checkpoint Firewall

All the configurations for CheckPoint Firewall are done with the SmartConsole.

1. Configure the REST API permissions.

  1. Open the SmartConsole, go to Management API, and click Advanced Settings > All IP addresses.
  2. Click Publish.
  3. Use SSH to log in to the manager server, then type api restart.
  4. Create a domain object named .quarantine.com.
  5. Create a network group object named fdc-block-ip.
  6. Add the domain object named .quarantine.com to the network group object named fdc-block-ip.
  7. Create a new policy rule.
    1. Create a new policy rule named quarantine.
    2. Set the policy Source to fdc-block-ip.
    3. Set Destination to Any.
    4. Set Action to Inline Layer > New Layer. Give the layer a name such as Cleanup Rule and click OK.
    5. Set Action to Drop.
    6. You can use the default settings for the other fields.
  8. (Optional) Make the CheckPoint Firewall pingable.
    1. Log in to the SmartConsole.
    2. Go to Global Properties and enable Accept ICMP requests.
    3. Install the policy.

2. Configure FortiDeceptor

  1. On FortiDeceptor, go to Fabric > Quarantine Integration, and click +Quarantine Integration with New Device.
  2. Configure the new device based on the following recommendations and click Save.

    Integrate Method: Select CheckPoint-FW-Isolation.
    IP Block Policy (network Group Name): Enter the group object name you created (fdc-block-ip).
    Username: Enter the Username for the management account in CheckPoint Firewall. You can create a new admin with API permissions or use Admin.
    Password: Enter the Password for the management account in CheckPoint Firewall.
    Verify SSL: Disable.
    Install Policy After Publish: Enable.
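
The following pre-flight check is an added example, not part of the Fortinet guide or of either product: before saving the device in FortiDeceptor, it confirms over the Check Point Management API (login, show-group, logout) that the fdc-block-ip group exists and contains the .quarantine.com domain object. The base URL, credentials and CA file are placeholders you supply; the sample reply in the test is constructed.

```python
import json
import ssl
import urllib.request

GROUP = "fdc-block-ip"       # network group created in step 1.5
DOMAIN = ".quarantine.com"   # domain object created in step 1.4


def build_request(base_url, command, payload, sid=None):
    """Build one Management API call: POST <base_url>/web_api/<command>."""
    headers = {"Content-Type": "application/json"}
    if sid:
        headers["X-chkp-sid"] = sid  # session id returned by login
    return urllib.request.Request(
        f"{base_url.rstrip('/')}/web_api/{command}",
        data=json.dumps(payload).encode(), headers=headers, method="POST")


def check_group(reply, group=GROUP, domain=DOMAIN):
    """Return a list of problems found in a show-group reply (empty = OK)."""
    problems = []
    if reply.get("name") != group:
        problems.append(f"reply is not for group {group!r}")
    members = {m.get("name"): m.get("type") for m in reply.get("members", [])}
    if domain not in members:
        problems.append(f"{domain!r} is not a member of {group!r}")
    elif members[domain] != "dns-domain":
        problems.append(f"{domain!r} has type {members[domain]!r}, expected 'dns-domain'")
    return problems


def verify(base_url, user, password, ca_file=None):
    """Log in read-only, fetch the group, log out; returns check_group()'s list.

    base_url, user, password and ca_file are caller-supplied placeholders.
    A missing group surfaces as urllib.error.HTTPError from show-group.
    """
    ctx = ssl.create_default_context(cafile=ca_file)  # server certificate is validated

    def call(command, payload, sid=None):
        req = build_request(base_url, command, payload, sid)
        with urllib.request.urlopen(req, context=ctx, timeout=15) as resp:
            return json.load(resp)

    login = {"user": user, "password": password, "read-only": True}
    sid = call("login", login)["sid"]
    try:
        return check_group(call("show-group", {"name": GROUP}, sid))
    finally:
        call("logout", {}, sid)  # release the session even if the check fails
```

An empty list from verify() means the objects FortiDeceptor depends on are in place and the account can reach the API.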
