Skip to main content

Targeting CheckPoint

Once you have configured the Check Point server and generated users, add the Check Point server as a target system in Bravura Security Fabric :

  • Type is CheckPoint Software Endpoint Security .

  • Address uses options described in the table below.

    The target system address for an installation of Pointsec for PC / Full Disk Encryption is entered as follows:

    {server=<serverName>;port=<portNumber>;ssl=true|false;checkCert=true|false;Version=<versionNumber>;sdkpath=<sdkPath>;Handler=<handlerFunc>;Algorithm=AES|BLOW;ResponseLength=15|20|25|29;}

  • Administrator ID is the user ID you created in Configuring the Check Point server .

The full list of target parameters is explained in Target System Options.

Table 1. CheckPoint Software Endpoint Security address configuration

Option

Description

Options marked with a redstar.png are required.

Server redstar.png

The IP address/domain name of the web server running CheckPoint Software Endpoint Security.

(key: server)

Port redstar.png

The port number used by the CheckPoint Software Endpoint Security web service to communicate with client.

(key: port)

Connection over SSL

Select to enforce SSL connections. Default is "true".

(key: ssl)

Validate the server’s certificate when connecting

Determines whether to validate the server’s security certificate for SSL connections. Default is "true".

(key: checkCert)

HTTP Network Proxy

Specifies a proxy URL to use for connecting.

(key: proxy)

Version redstar.png

Indicates the version of CheckPoint:

  • Pointsec for PC (value: 5)

  • Pointsec for PC 6 / Full Disk Encryption (value: 6)

  • CheckPoint Full Disk Encryption v8.x (value: 8)

  • Pointsec Media Encryption (value Media)

    (key: Version)

Advanced

Checkpoint FDE API path

Specify the Checkpoint FDE API path if the standard is not used.

Standard FDE API path is:

  • CheckPoint Full Disk Encryption v8.x

    webrh/services/webRHSDK

  • Pointsec for PC, Pointsec for PC 6 / Full Disk Encryption and Pointsec Media Encryption

    webRHService/webRHService.dll

    (key: sdkpath)

Handler function

Indicates a specific SOAP handler function.

Currently, the webRH interface only supports the default handler setting, but if Check Point provides alternate handlers in the future, modifying this value may be necessary.

(key: Handler)

Encryption algorithm

Only required for Pointsec for PC. Select AES or BLOW.

See your webRH documentation for help determining the value for this parameter.

(key: Algorithm)

Response length

Set to 15, 20, 25, or 29. This value is only required for Check Point Pointsec Media Encryption.

See your webRH documentation for help determining the value for this parameter.

(key: ResponseLength)



In this section: