ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

SCP logs from CheckPoint firewall

book

Article ID: 184580

calendar_today

Updated On:

Products

CASB Audit CASB Gateway Advanced

Issue/Introduction

Configured data source in Audit to receive logs directly from CheckPoint firewall via SCP, but the transfer fails with encryption error. 

no matching mac found: client hmac-md5,hmac-sha1,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 server hmac-sha2-256,hmac-sha2-512

Cause

CloudSOC only supports secure encryption algorithms (sha2).

Environment

CheckPoint R80.10

Resolution

Send logs to SpanVA within your network using FTP and set up a SpanVA data source.