Hi all, we are in the process of connecting one of our CheckPoint firewalls with InsightIDR. We noticed in the event source setup page in InsightIDR that there’s a checkbox for encryption and it provides a certificate that can be downloaded. We were wondering how to install this certificate on the CheckPoint appliance so we are able to encrypt the traffic between the firewall and the collector. Has anyone experience with that?
This doc from the checkpoint side should get you started: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_LoggingAndMonitoring_AdminGuide/Topics-LMG/Log-Exporter-TLS-configuration.htm
Thank you! If I read the article correctly then I need to create a self signed certificate, a client certificate for the Log Exporter and a server certificate. The server certificate will then be installed on my local collector right?