Header Only - DO NOT REMOVE - Extreme Networks

Extreme Management to Checkpoint Firewall Integrations


I was wondering if anyone was pulling user data from Extreme Management(NAC) into a Checkpoint appliance to Map IP to Users. Any if so how people were doing it. Also if there are any other integrations between the to systems?

12 replies

Userlevel 6
Hi.

AFAIK the integration between Extreme Control and CheckPoint is very new. It does exactly what you mentioned => update IP-UserID mapping in CheckPoint.

The opposite integration is generic and should work also = if CheckPoint (anything) send the syslog with specific/configured format to the EMC then endsystem can be blacklisted => quarantined.

Please contact your local Extreme SE = You can get it from the SAI team then.

Regards

Z.
Thanks, I'll poke my SE.
Userlevel 2
I just set this up with a local Checkpoint SE last week. We setup the Checkpoint as a radius server and sent accounting logs to the Checkpoint box and it was then able to tie into Active Directory and pull the user accounts mapped to an IP address.

This was for a customer that was using 802.1x authentication.
Userlevel 3
Hi all,
I'm trying to do a distributed IPS with Extreme Connect module (I'm using EMC version 7.1.1.9 and connect module version 3.02-3) and a Check Point R80.10 firewall.
I've defined the module as below screenshot



and on EMC I receive a snmp v1 trap as follow:



But is trap is not received by the Connect module specific for the Distributed IPS integration...
Has got someone a working scenario with Check Point and the Connect module?

Regards.
Antonio
Userlevel 3
I've forget one screenshot of the snmp trap received

Userlevel 3
Hi, no one has tried this integration?
Userlevel 6
Antonio Opromolla wrote:

Hi, no one has tried this integration?

Hi,

Distributed IPS is working. Video is now available at GitHub. How-To configure it will follow soon.
Userlevel 6
Hi.
the integration is ready and here is https://extremenetworks2com-my.sharepoint.com/<img class="emojione" alt="&#x270c;" title=":v:" src="https://cdn.jsdelivr.net/emojione/assets/png/270c.png?v=2.2.7"/>/g/personal/zpala_extremenetworks_com/ERr2xDU5awxKpkel7BTURawBTYKciymqiCLf-iKmSi-E2g?e=as5Ccnhow it works.

Enjoy.
Userlevel 6
Documentation of the integration between Extreme Management and Check Point firewall is available here.
Userlevel 2
Pala, Zdenek wrote:

Documentation of the integration between Extreme Management and Check Point firewall is available here.

Hi,
nice to see that you did Infoblox IPAM integration script too! I'll try this soon.
Userlevel 2
Pala, Zdenek wrote:

Documentation of the integration between Extreme Management and Check Point firewall is available here.

for the infoblox integration - nice work! That was what I was looking for 🙂
One question to this: If i dont want the comment field to get updated (replacing data with "XMC Updated"), what needs to be changed on the python code?
Userlevel 2
Pala, Zdenek wrote:

Documentation of the integration between Extreme Management and Check Point firewall is available here.

got it, just missed the right syntax.

Reply