Monitor Check Point firewall device performance, interface throughput, and cluster health with SNMP metrics, topology, and alerts.
Monitor health state and performance of your Check Point Firewall devices and provide a unified analysis for Ops, DevOps and IT Admins.
The Check Point Firewall extension leverages the SNMP protocol to provide a complete solution to monitor Check Point Firewall Devices. The extension is built on top of the Extension 2.0 Framework and its complete configuration is provided out-of-the-box.
Use this extension to:
down state.
Infrastructure & Operations for an overview of all monitored Network Devices in the environment.For more information about the configuration, see SNMP Extension Documentation.
The extension package contains:
For more information, see Simplified observability for your SNMP devices.
There is no charge to use the extension. You are only charged for the data that the extension ingests.
The Check Point Firewall extension ingests custom metrics, which consume Davis Data Units (DDUs) (Dynatrace classic license) or Metrics powered by Grail (DPS), according to your license model.
The extension runs most SNMP queries every minute. Below is a breakdown of metrics by feature set only including metrics collected once per minute (there are two metrics in the default feature set that are collected at a 30 minute interval):
default: 7 x Check Point Firewall Devices + 3 x Check Point Firewall InterfacesCheck Point Device: 15 x Check Point Firewall DevicesInterfaces: 9 x Check Point Firewall Interfaces
For example, a monitoring configuration with all feature sets enabled, containing 1 Check Point Firewall with 1 Interface, produces 33 metric data points per minute.
In the Dynatrace Platform Subscription, metric ingestion consumes Metrics powered by Grail according to the number of ingested metric data points.
To calculate the approximate yearly consumption, apply the following calculation: <metric data points per minute> * 60 minutes * 24 hours * 365 days.
For the example above: 33 * 60 * 24 * 365 = 17,344,800 metric data points per year.
In the classic licensing model, metric ingestion consumes Davis Data Units (DDUs) at the rate of .001 DDUs per metric data point. Multiply the above formula for annual data points by .001 to estimate annual DDU usage.
For the example above: 33 * 60 * 24 * 365 * 0.001 = 17,344.8 DDUs per year.
The DDU cost above does not include any possible log events or custom events that are triggered by the extension. For more information, see DDU events.
When activating your extension using a monitoring configuration, you can limit monitoring to one of the feature sets. To work properly, the extension has to collect at least one metric after the activation.
In highly segmented networks, feature sets can reflect the segments of your environment. Then, when you create a monitoring configuration, you can select a feature set and a corresponding ActiveGate group that can connect to this particular segment.
All metrics that aren't categorized into any feature set are considered to be the default and are always reported.
A metric inherits the feature set of a subgroup, which in turn inherits the feature set of a group. Also, the feature set defined on the metric level overrides the feature set defined on the subgroup level, which in turn overrides the feature set defined on the group level.
| Metric name | Metric key | Description |
|---|---|---|
| Physical component state | checkpoint.firewall.component.state | A state metric representing the details of physical components. This is used to collect details about the device stack. Value is always 1; use the dimensions to view details. |
| Metric name | Metric key | Description |
|---|---|---|
| Disk percent | checkpoint.firewall.disk.percent | Percent of free space |
| Users connected | checkpoint.firewall.users.connected | Number of connected users |
| Accepted packets | checkpoint.firewall.packets.accepted.count | Accepted packets |
| Dropped packets | checkpoint.firewall.packets.dropped.count | Dropped packets |
| Logged packets | checkpoint.firewall.packets.logged.count | Logged packets |
| Rejected packets | checkpoint.firewall.packets.rejected.count | Rejected packets |
| Number of connections | checkpoint.firewall.connections | Number of connections |
| Peak number of connections | checkpoint.firewall.connections.peak | Peak number of connections |
| Total virtual memory | checkpoint.firewall.memory.total.virtual | Total virtual memory |
| Active virtual memory | checkpoint.firewall.memory.active.virtual | Active virtual memory |
| Total real memory | checkpoint.firewall.memory.total.real | Total real memory |
| Active real memory | checkpoint.firewall.memory.active.real | Active real memory |
| Free real memory | checkpoint.firewall.memory.free.real | Free real memory |
| Processor system time | checkpoint.firewall.cpu.time.system | Processor system time |
| Processor usage | checkpoint.firewall.cpu.usage | Processor usage |
| Processor user time | checkpoint.firewall.cpu.time.user | Processor user time |
| System uptime | checkpoint.firewall.sysuptime | The system up time since boot, in system ticks (hundredths of a second) |
| Metric name | Metric key | Description |
|---|---|---|
| — | com.dynatrace.extension.network_device.if.bytes_in.count | — |
| — | com.dynatrace.extension.network_device.if.bytes_out.count | — |
| — | com.dynatrace.extension.network_device.if.lastchange | — |
| Metric name | Metric key | Description |
|---|---|---|
| — | com.dynatrace.extension.network_device.sysuptime | — |
| — | com.dynatrace.extension.network_device.cpu_usage | — |
| — | com.dynatrace.extension.network_device.memory_used | — |
| — | com.dynatrace.extension.network_device.memory_free | — |
| — | com.dynatrace.extension.network_device.if.status | — |
| Metric name | Metric key | Description |
|---|---|---|
| — | com.dynatrace.extension.network_device.if.in.errors.count | — |
| — | com.dynatrace.extension.network_device.if.in.discards.count | — |
| — | com.dynatrace.extension.network_device.if.out.errors.count | — |
| — | com.dynatrace.extension.network_device.if.out.discards.count | — |
| — | com.dynatrace.extension.network_device.if.in.multicast_pkts.count | — |
| — | com.dynatrace.extension.network_device.if.out.multicast_pkts.count | — |
| — | com.dynatrace.extension.network_device.if.in.broadcast_pkts.count | — |
| — | com.dynatrace.extension.network_device.if.out.broadcast_pkts.count | — |
| — | com.dynatrace.extension.network_device.if.in.ucast_pkts.count | — |
| — | com.dynatrace.extension.network_device.if.out.ucast_pkts.count | — |
| Metric name | Metric key | Description |
|---|---|---|
| Device entity attributes | checkpoint.firewall.entity_attributes | Constant value of 1 used for reporting entity attributes at a lower frequency |
| Metric name | Metric key | Description |
|---|---|---|
| Bytes in | checkpoint.firewall.if.bytes.in.count | Number of octets received on the interface |
| Packets in | checkpoint.firewall.if.packets.in.count | Number of packets received on the interface |
| Bytes out | checkpoint.firewall.if.bytes.out.count | Number of octets sent on the interface |
| Packets out | checkpoint.firewall.if.packets.out.count | Number of packets sent on the interface |
| Errors in | checkpoint.firewall.if.errors.in.count | Number of packets with errors received on the interface |
| Errors out | checkpoint.firewall.if.errors.out.count | Number of packets with errors sent on the interface |
| Oper status | checkpoint.firewall.if.status.oper | Current operational state |
| Admin status | checkpoint.firewall.if.status.admin | Desired state of interface |
| Speed | checkpoint.firewall.if.speed | Estimate of interface's current bandwidth |
To troubleshoot this extension, use the guides available in the Dynatrace Community, and Dynatrace Documentation.