Checkpoint Connector Setup Guide
This guide outlines the configuration steps to integrate Checkpoint Firewall with XDR using the Event Downloader Connector and Response Connector. It includes steps for API key generation and App Connector usage for private network environments.
1. When to Use App Connector
If the Checkpoint firewall is deployed in a private network without public access, an App Connector is required to establish communication between the firewall and the XDR platform.
👉 Refer to the guide: Setting up App Connector at Client End
2. Generate API Key in Checkpoint Smart Console
- Log in or sign up to the Checkpoint Smart Console.
- Navigate to Management and Settings.
- Click on New to create an API key.
-
Under Authentication:
- Set Authentication Method to:
API Key
- Set Authentication Method to:
-
Under Permissions:
-
Choose the Permission Profile (e.g., Read-only for Ingestion Connector).
You can choose a different profile based on your use case (e.g., Read/Write for Response Connector).
-
- Click OK to generate the API key.
- Copy and save the API key. It will be used during connector configuration.
- Click Publish to apply your recent changes.
3. Configuration in XDR
🔹 Checkpoint Event Downloader Connector
Location: XDR → Connectors → Ingestion
- Select Checkpoint Event Downloader Connector.
- Click Configure.
-
Provide the following details:
- Server URL
- API Key
- Trust any certificate?:
true
orfalse
- Has public access?:
yes
orno
- App Connector Identifier (required if
public access = no
)
- Click Validate and Save.
🔹 Checkpoint Response Connector
Location: XDR → Connectors → Response
- Select Checkpoint Response Connector.
- Click Configure.
-
Provide the following details:
- Server URL
- Access Token (API Key)
- Trust any certificate?:
true
orfalse
- Has public access?:
yes
orno
- App Connector Identifier (if applicable)
- Click Validate and Save.