PDA

View Full Version : Checkpoint and Netflow collector



Kanan
2016-09-22, 05:38
Hi there,we are using manageengine netflow collector.And our Checkpoing OS version is R77.30.We have done netflow configuration in GUI side,collector gets and analysis flows from checkpoint.But we dont see all traffic from checkpoint.What could be a reason?
Using netflow version is 9 and SecureXL is enabled in checkpoint.

thanks in advance,

Kanan

mcnallym
2016-09-22, 11:05
I take it that you are getting SOME traffic information, when you say don't see all.

sk102041 is presumably what followed.

From the Sk

You can configure Gaia OS as an Exporter of NetFlow records for all the traffic that is accelerated by SecureXL (SecureXL must be enabled for NetFlow to operate properly).

•NetFlow reports all traffic that is handled by SecureXL device (Accelerated path traffic + Medium path (PXL) traffic + Firewall path / Slow path (F2F) traffic + traffic dropped by SecureXL Drop Templates).

As such if the traffic isn't handled by SecureXL then isn't exported via Netflow