Support Center > Search Results > SecureKnowledge Details
What does Check Point PRO support monitor? Technical Level
Solution
Refer to the table below for more details regarding which areas the cpdiag tool monitors and is able to report on. This diagnostic tool, among other things, provides daily reports regarding issues with Check Point PRO support.

For more information about PRO Support and activation steps please see:  sk120332: Check Point PRO active support: What is shared and configuration steps 

Category Description of Checks Examples
Compliance Alert Check Point's Compliance blade architecture allows us to pull notifications and identify areas of vulnerability. Our alerts are updated in line with changes and improvements from our compliance team.
  • Each cluster must have "Enable extended cluster Anti-Spoofing" enabled.
  • The Threat Emulation engine should be updated at least every two hours.
Compliance Best Practice Check Point's Compliance blade architecture allows us to pull notifications and identify areas of vulnerability. Our alerts are updated in line with changes and improvements from our compliance team. Each Gateway should send its Firewall logs to a log server.
  • If it is a standalone Gateway, this Best Practice is automatically passed.
  • If the Gateway is connected to a single Management Server, the checkbox "send gateway logs and alerts to server" must be checked.
  • If the Gateway is connected to multiple Management Servers, at least one must be specified.
System Relates to the overall device, including items like Interface drops, log pattern matches, traffic statistics, and health monitoring
  • RX Errors
  • Known log pattern: Too many internal hosts
  • ASG diagnostics issues
  • SIC was initialized, but Trust was not established.
Hardware Designed to catch hardware failures where possible, including items like Sensor readings.
  • Power Supply is down
  • Battery Voltage reading is outside normal bounds.
  • System Fan is down.
Cluster XL Cluster health items, including items related to sync, cpha prob stat etc.
  • ClusterXL sync is off.
  • ClusterXL member status is Active Attention 
  • Sync traffic is dropped by overload
Configuration Monitoring of best practice and recommending settings like SecureXL.
  • SecureXL is turned off.
  • IPS Bypass Under Load is off.
Support Life Cycle Life Cycle Policy Life Cycle Policy
License Monitors contracts, support agreements, and expiration warnings
  • Contract is about to expire.
  • Device has licenses installed from multiple accounts.
Fixes Verifies version details for installed devices
  • User space crash
  • Kernel crash
Patch Level Verifies version details for installed devices The installed Jumbo HFA version is at least two releases behind the recommended version.
VSX VSX customer Alerts  VSX NDMI configuration
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
Applies To:
  • https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk120332

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment