SCP logs from CheckPoint firewall
Article ID: 184580
Updated On:
Products
CASB Audit
CASB Gateway Advanced
Issue/Introduction
Configured data source in Audit to receive logs directly from CheckPoint firewall via SCP, but the transfer fails with encryption error.
no matching mac found: client hmac-md5,hmac-sha1,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 server hmac-sha2-256,hmac-sha2-512
Environment
CheckPoint R80.10
Cause
CloudSOC only supports secure encryption algorithms (sha2).
Resolution
Send logs to SpanVA within your network using FTP and set up a SpanVA datasource to collect the logs.
Feedback
Yes
No
Powered by
