Application awareness support for Check Point R80+

Application Awareness in Check Point R80+ enhances your control and visibility over network traffic by seamlessly integrating with FireFlow's change request system. This feature allows for a streamlined workflow, enabling effective management of network infrastructure through detailed insights and direct actions within the FireFlow environment.

It offers the following benefits:

  • Generate change requests while leveraging Check Point application insights directly within FireFlow's work order view.

  • Gain comprehensive insights into both services and applications within FireFlow's work order view. This detailed visibility empowers you to make informed decisions and effectively manage your network infrastructure.

  • Identify default services by simply hovering over the 'Application-default' column.

Configuration Steps

Follow these steps to configure Check Point R80+ Application Awareness for your network environment and operational needs.

Do the following:

  1. In the AFA Administration area, navigate to the Options > Advanced Configuration tab.

  2. Enable Check Point R80+ Application Awareness:

    Set the AlgoSec_EA_CKP_Application_Control flag to true.

    Name: AlgoSec_EA_CKP_Application_Control
    Value:
    • true = Enable Check Point R80+ Application Awareness
    • false (default) = Disable Check Point R80+ Application Awareness
  3. Configure Application Data Cache Settings:

    Name: CKP_App_Data_Cache_Enabled
    Value:

    Enter one of the following:

    • true (default) = Enable cache to save Check Point application requests (R80+)
    • false = Disable cache to save Check Point application requests (R80+)

    Name: CKP_App_Data_Cache_Refresh_Days
    Value:

    Sets the number of days that cached Check Point application requests are kept for Check Point R80+. Default: 1 (day).

  4. Configure Legacy Support:

    Name: CKP_Application_Control_For_Legacy
    Value:

    Determines whether to support Check Point Application Control on older/legacy R80.x Check Point devices running an API version lower than 1.6.1. By default, this parameter is not defined.

    Note: AlgoSec does not recommend enabling this parameter due to the performance impact on the Check Point management device.

    • true = Enable support

  5. Click OK.

  6. Set app or service preference: Set the following FireFlow flag as required. For instructions, see Override FireFlow system defaults.

    Name: CheckPointApplicationsOrServicesPreference
    Value:

    Controls whether to implement apps or services when both are present in the traffic line.

    Enter one of the following:

    • true = Prefer apps when both apps and services are present in a traffic line for an R80+ device
    • false (default) = Prefer services when both apps and services are present in a traffic line for an R80+ device