Need SNMPv3 context support for Checkpoint VSX firewalls

Idea created by daniel.santos.gsk on Jun 1, 2015
    New
    Score30

    Please enhance modeling of Checkpoint VSX firewalls to include the virtual firewalls (using SNMPv3 contexts).

     

    Currently when discovering the management IP of the Checkpoint 21700 Series device that hosts a number of VSX (virtual firewalls) on it only the interfaces on the VS0 virtual firewall show up in the model. No interfaces from the other VS (virtual firewalls) that are configured appear in the model's interface table.

    According to the documentation from Checkpoint, this is how it works by design when polling the management interface.

    SNMP agents will not reply from the Virtual firewalls to allow us to model them individually.

    The Virtual firewalls must be modeled via the VS0 using SNMPv3 contexts for each of the virtual. This is the only way to do it.

    We would like to request that SNMPv3 enhancements be made in order to accommodate the context polling in v3.

    This will likely be something that more and more vendors do as the industry moves more into nationalization and having to use v3 for security.

     

    Thanks

    Dan