• Check Point
  • Announcing 5.4: New rule engine, Check Point 61000/41000 support

Announcing 5.4: New rule engine, Check Point 61000/41000 support

Welcome 5.4!

In this release we’ve included phase one of our infrastructure operations platform, added new content and as well as Check Point 41k/61k support. In addition, specific feature requests and bugfixes were included. Please reach out to our support team to get the updated release.

IMPORTANT NOTE TO ALL USERS: Starting with 5.4, the licensing mechanism is attached to the indeni instance’s unique identifier (uid) and not the IP address. This allows customers to not only change the IP of their indeni instance, but also set up cold active/standby high-availability in case the primary indeni instance is down or is cut off from the network. To set up cold active/standby, please reach out to our support team.

New content:

  • New Rule Engine: With this release, a new rule engine has been incorporated into the product. In the future it will allow partners, consultants and customers to write their own checks on top of indeni’s infrastructure operations platform. This is an early version of the engine. If you are interested in learning more, please email [email protected].
  • IK-2449: Support Check Point 61k/41k – initial support (Check Point firewalls). This includes:
    • CPU, memory, swap and disk utilization
    • Tracking of number of connections and alerting when a drastic drop in connections occurs
    • Blade status tracking (up, down, flapping)
    • License tracking
    • Network port utilization, drops, errors
  • Ability to alert when specific logs are found matching regular expression patterns. Sample patterns included with this release:
    • outed.*quitting because too many sockets open
    • routed.*Exit routed
    • fwha_.*
    • cul_load_.*
    • Port .*?: Down
    • PPPoE session failed to connect
    • NAT Hide failure.*
    • Invalid username/password
    • Failed to check .*? content upgrade info due to generic communication error
    • Failed password for.*
    • Drive error detected
    • Chassis Master Alarm:
    • Auto update agent failed to download new content
    • .*internal error – invalid port.*
    • .*[Ll]ogin denied.*
    • .*? job failed for user Auto update agent

NOTE: The support for Check Point 61k/41k was built entirely on the new rule engine included in this release.

Select new signatures:

Select bugfixes and minor improvements:

  • IS-1862: Support HTTPS proxy for indeni insight
  • IS-1844: Treat chassis devices (61k, 41k, Crossbeam, 7080, etc.) separately for licensing purposes
  • IS-1437: Use indeni instance ID for licensing instead of IP address (allow IP address changes for indeni devices)
  • IS-920: SNMP traps: change flow to use indeniNewAlertTrap every time that an alert becomes active instead of only sending indeniAlertStatusUpdateTrap
  • IK-2510: Bugfix: indeni continues to backup a device after it’s removed from the backup schedule
  • IK-2495: SecureXL templates are partially disabled’ does not alert for VSs (Check Point firewalls)
  • IK-2494: Inaccurate parsing of firewall kernel memory in ‘fw ctl pstat’ (Check Point firewalls)
  • IK-2493: Monitoring Suspended due to unexpected mpstat output
  • IK-2479: Failing to discover MDM using RADIUS-based login (Check Point firewalls)
  • IK-2448: Cache HKLM_registry output to reduce bandwidth usage (Check Point firewalls)
  • IK-2447: Improve ‘lsof’ command usage to reduce data usage
  • IK-2442: Failed to Communicate alerts: send via email when these occur
  • IK-2408: Contract expired/about to expire’ alerts should only display the contract and add reference to SmartUpdate (Check Point firewalls)
  • IK-2405: “Use of NTP servers configured but not operational” add details even when all NTP servers are not synced (All devices)
  • IK-2339: Swap memory usage should always alert if swap is used (reduce alerting threshold to 1%) (All devices)
  • IK-1979: Sync loss events have occurred – possible sync network issue (SA#35136)’ false positive in case of policy installation, set a threshold for alerting to 5 sync loss events (Check Point firewalls)
  • IK-2497: Errors appear in the indeni web console due to devices being deleted

Get in touch

We’re the DDI provider you’ve been looking for.
Drop us a line and let’s talk.

Related content

Article

BlueCat enters agreement to acquire LiveAction to broaden its portfolio of network infrastructure management solutions

Expanded solutions to include LiveAction’s industry-leading network observability and intelligence platform, purpose built for enterprise-grade network…

Read more

BlueCat partners with Pacific Tech to expand distribution in APAC

The new distribution agreement between BlueCat and Pacific Tech will help businesses and organizations in Southeast Asia accelerate network modernization.

Read more

BlueCat announces new capabilities to help organizations modernize their network infrastructure

Enhanced products and expanded portfolio offerings provide flexibility and control to manage, secure, and build complex, multicloud networks.

Read more

BlueCat appoints Scott Fulton as Chief Product and Technology Officer

An accomplished executive in software product management and engineering leadership, he will lead the next phase of product development and growth.

Read more

BlueCat to acquire LiveAction

BlueCat adds LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.