Design

Network Ports used for communication
Log Files location Check Point

Network Ports used for communication

Introduction

This drawing should give you an overview of the used R80 and R77 ports respectively communication flows. It should give you an overview of how different Check Point modules communicate with each other. Furthermore, services that are used for firewall operation are also considered. These firewall services are also partially mapped as implied rules in the set on the firewall.

Link

Thank you Heiko Ankenbrand for creating such a valuable overview:

https://www.ankenbrand24.de/index.php/articles/check-point-articel/arcitecture/r80-communication-ports/

Overview

Download

https://www.ankenbrand24.de/wp-content/uploads/2019/12/Ports_1.5a.pdf

Log Files location Check Point

Here are the different Log File locations on a Check Point Appliance:

Feature	File Location
Alerts	`/var/log/send_alert.*`
Command auditing	`/var/log/asgaudit.log*`
CPD	`$CPDIR/log/cpd.elg`
Distribution	`/var/log/dist_mode.log*`
Dynamic Routing	`/var/log/routed.log`
Expert mode shell auditing	`/var/log/command_logger.log*`
FWD	`$FWDIR/log/fwd.elg`
FWK	`$FWDIR/log/fwk.elg.*`
Gaia Clish auditing	`/var/log/auditlog*`
Gaia First Time Configuration Wizard	`/var/log/ftw_install.log`
General	`/var/log/messages*`
SMO Image Cloning	`/var/log/image_clone.log.dbg*`
Installation	`/var/log/start_mbs.log`
Installation - OS	`/var/log/anaconda.log`
Log Servers	`/var/log/log_servers*`
Policy	`$FWDIR/log/cpha_policy.log.*`
Reboot logs	`/var/log/reboot.log`
SGM Configuration Pull Configuration	`$FWDIR/log/blade_config.*`
VPND	`$FWDIR/log/vpnd.elg*`