3
responses

I was reading the Enterprise Edition documentation on Check Point OPSEC LEA. Can this be done on a Windows server or do I need to use a Linux server?

AskedOctober 20, 2016 - 4:25pm

Answer (1)

This is Linux only currently.

Comments (2)

  • b0ti's picture
    (NXLog)

    While syslog logging is available from CheckPoint devices you should be aware about the limitations of BSD Syslog. UDP is not reliable nor secure. Moreover CheckPoint OPSEC provides structured data and the LEA fields can be properly captured without parsing.