Check Point WatchTower – manage NGFW from a smartphone

Good afternoon, today I would like to touch on the topic of equipment for small businesses and offices for up to 150-300 users. Modern security threats require network perimeter protection regardless of the size of the enterprise. CheckPoint offers a number of products in the series specifically for these tasks: 1400 series, 1500 series. Equipment (SMB) comes with a specially developed version of Gaia Embedded (for ARM architecture), has its own characteristics in setting up and interacting with the administrator. Management can be carried out either locally, that is, directly through the Security Gateway itself (using the Web interface), or centrally – using a separate Management Server (via SmartConsole).
Perhaps the third option for manage your gateway using a smartphone. CheckPoint WatchTower allows you to connect to your Security Gateway using a special mobile application.

After synchronization, you will receive instant notifications about security events, you can block infected end devices, view statistics, and configure security policies.

An important requirement for the application to work is the installed version of Gaia R77.20.86 and higher, as well as local management of gateway policies!

The main functions of the application:

  1. Monitoring and access control for devices connected to your network;
  2. Security alerts allow real-time notification of malicious attacks and unauthorized computers;
  3. Remote configuration of policies for your Security Gateway, with the ability to install for multiple devices at once;
  4. Statistics of received and sent traffic for your network.

Access setting

In order to use WatchTower, you need to have a mobile device with an installed OS of at least iOS 9 / Android 6.
1) You can download the application using the following QR codes:

2) After installing and launching the application, you will be asked to go through the registration procedure, you will need a separate account for the WatchTower account:

3) The next step is to synchronize between the Security Gateway and your mobile application. To do this, go to the tab 1) on the Gaia Portal main page of your gateway and click on 2):

4) After the transition, you will be asked to generate a QR code for the selected user (in our case, admin):

It will be necessary to read the QR code using the phone and enter the login information from the user “admin”:

5) In case of successful authorization, you will be redirected to the main control page via the mobile application:

Feature Overview

1) The “Events” tab contains information about the latest events related to your Security Gateway, includes information about an attempt to download malicious files, actions with equipment (reboot, interface crash), etc.
2) The “Statistics” tab contains information about the volume of transmitted traffic.

3) In the Settings tab, there are system settings for the tangent of your gateway, as well as the ability to switch to Gaia Portal – directly from the application.
4) I would also like to draw attention to the events that you receive on your mobile phone if you open one of them.

5) Another important option is the ability to access the Gaia Portal directly from your mobile device:

Conclusion

Testing WatchTower showed a lot of useful features that you can use without acquiring additional licenses or subscriptions. Managing policies, tracking events in real time, obtaining statistics – all this has become possible thanks to the CheckPoint mobile application.

A large selection of materials on Check Point from TS Solution. Keep for updates (Telegram, Facebook, VK, TS Solution Blog, Yandex Zen).

Posted by Nikita Turkov (CCSE), TS Solution Engineer

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *