Adding devices that are managed by CPSMS by using OPSEC

Add devices that are managed by Check Point Security Manager Server versions NGX R60 to R77 to IBM® QRadar® Risk Manager by using OPSEC to discover and add the devices.

Before you begin

Review the supported software versions, credentials, and required commands for your network devices. For more information, see Supported adapters.

You must obtain the OPSEC Entity SIC name, OPSEC Application Object SIC name, and the one-time password for the pull certificate password before you begin this procedure. For more information, see your CPSMS documentation.

Note: The Device Import feature is not compatible with CPSMS adapters.

About this task

Repeat the following procedure for each CPSMS that you want to connect to, and to initiate discovery of its managed firewalls.

Procedure

  1. On the navigation menu ( Navigation menu icon), click Admin to open the admin tab.
  2. On the Admin navigation menu, click Apps.
  3. On the Risk Manager pane, click Configuration Source Management.
  4. On the navigation menu, click Credentials.
  5. On the Network Groups pane, click Add a new network group.
    1. Type a name for the network group, and then click OK.
    2. Type the IP address of your CPSMS device, and then click Add.
      Restriction: Do not replicate device addresses that exist in other network groups in Configuration Source Management.
    3. Ensure that the addresses that you add are displayed in the Network address box beside the Add address box.
  6. On the Credentials pane, click Add a new credential set.
    1. Type a name for the credential set, and then click OK.
    2. Select the name of the credential set that you created, and then type a valid user name and password for the device.
  7. Type the OPSEC Entity SIC name of the CPSMS that manages the firewall devices to be discovered. This value must be exact because the format depends on the type of device that the discovery is coming from. Use the following table as a reference to OPSEC Entity SIC name formats.
    Type Name
    Management Server CN=cp_mgmt,O=<take O value from DN field>
    Gateway to Management Server CN=cp_mgmt_<gateway hostname>,O=<take O value from DN field>

    For example, when you are discovering from the Management Server:

    • OPSEC Application DN: CN=cpsms226,O=vm226-CPSMS..bs7ocx

    • OPSEC Application Host: vm226-CPSMS

    The Entity SIC Name is CN=cp_mgmt,O=vm226-CPSMS..bs7ocx

    For example, when you are discovering from the Gateway to Management Server:

    • OPSEC Application DN: CN=cpsms230,O=vm226-CPSMS..bs7ocx

    • OPSEC Application Host: vm230-CPSMS2-GW3

    The Entity SIC Name is CN=cp_mgmt_vm230-CPSMS2-GW3,O=vm226-CPSMS..bs7ocx

  8. Use the Check Point SmartDashboard application to enter the OPSEC Application Object SIC name that was created on the CPSMS.

    For example: CN=cpsms230,O=vm226-CPSMS..bs7ocx

  9. Obtain the OPSEC SSL Certificate:
    1. Click Get Certificate.
    2. In the Certificate Authority IP field, type the IP address.
    3. In the Pull Certificate Password field, type the one-time password for the OPSEC Application.
    4. Click OK.
  10. Click OK.
  11. Click Protocols and verify that the CPSMS protocol is selected.

    The default port for the CPSMS protocol is 18190.

  12. Click Discover From Check Point OPSEC, and then enter the CPSMS IP address.
  13. Click OK.
  14. Repeat these steps for each CPSMS device that you want to add.

What to do next

When you add all the required devices, back up the devices, and view them in the topology.