URL: https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_LoggingAndMonitoring_AdminGuide/Topics-LMG/Log_Acti...
Submission: On October 29 via manual from UA — Scanned from DE


R80.40 Logging and Monitoring Administration Guide

LOG ACTIONS

This table describes some of the log actions in the

Action

Description

Accept

The Security Gateway allowed traffic based on the Access Control Security
Policy.

 * Security Gateway: Dedicated Check Point server that runs Check Point software
   to inspect traffic and enforce Security Policies for connected network
   resources.
 * Access Control Security Policy: Collection of rules that control network
   traffic and enforce organization guidelines for data protection and access
   to resources with packet inspection.

Ask User

 * The user was prompted to decide if the Security Gateway must block or allow
   specific traffic, based on Access Control or Custom Threat Prevention
   Security Policies.
   
   Or
   

 * A DLP incident was captured and put in quarantine. The user was asked to
   decide what to do.

Bypass

Threat Emulation, Threat Extraction or Anti-Virus did not inspect a file.

 * Threat Emulation: Check Point Software Blade on a Security Gateway that
   monitors the behavior of files in a sandbox to determine whether or not they
   are malicious. Acronym: TE.
 * Threat Extraction: Check Point Software Blade on a Security Gateway that
   removes malicious content from files. Acronym: TEX.
 * Anti-Virus: Check Point Software Blade on a Security Gateway that uses
   real-time virus signatures and anomaly-based protections from ThreatCloud to
   detect and block malware at the Security Gateway before users are affected.
   Acronym: AV.

Decrypt

The Security Gateway decrypted a VPN packet to reveal its content and allow
further inspection.

Detect

A Threat Prevention blade detected malicious traffic but did not block it
because it worked in the Detect mode.

Drop

The Security Gateway blocked traffic based on the Access Control Security Policy
and did not notify the source.

Encrypt

The Security Gateway encrypted a VPN packet to secure its contents and prevent
unauthorized access.

Extract

Threat Extraction extracted potentially malicious content from a file before the
file entered the network.

HTTPS Bypass

The Security Gateway allowed network traffic to bypass HTTPS Inspection.

 * HTTPS Inspection: Feature on a Security Gateway that inspects traffic
   encrypted by the Secure Sockets Layer (SSL) protocol for malware or
   suspicious patterns. Synonym: SSL Inspection. Acronyms: HTTPSI, HTTPSi.

HTTPS Inspect

The Security Gateway inspected HTTPS traffic.

Inform User

 * The user was informed what the organization's policy was, based on the Access
   Control or Custom Threat Prevention Security Policies.
   
   Or

 * DLP transmission was detected and allowed, and the user was notified.

Inline

Traffic was sent for emulation before it was allowed to enter the internal
network.

Inspect

Threat Emulation or Anti-Virus inspected a file.

IP Changed

An association between a specific IP address and a user changed, because the IP
address on the associated host changed (DHCP).

Key Install

The Security Gateway created encryption keys for VPN.

Open Shell

An administrator opened a command shell to a Gaia server.

 * Gaia: Check Point security operating system that combines the strengths of
   both SecurePlatform and IPSO operating systems.

Packet Tagging

The Security Gateway shared a packet tagging key with an Identity Agent.

Prevent

The Security Gateway blocked traffic based on the DLP or Threat Prevention
policy.

Run Script

An administrator executed a script on a Gaia server from SmartConsole.

 * SmartConsole: Check Point GUI application used to manage a Check Point
   environment - configure Security Policies, configure devices, monitor
   products and events, install updates, and so on.

Update

The Security Gateway downloaded and installed the latest version or Hotfix.

 * Hotfix: Software package installed on top of the current software version to
   fix a wrong or undesired behavior, and to add a new behavior.

VPN Routing

The Security Gateway directed the VPN traffic through the appropriate specific
VPN tunnel or Security Gateway.

 

 


04 July 2024

© 2020 - 2024 Check Point Software Technologies Ltd.
