Checkpoint device modelling in Spectrum creating multiple models with the same ip address
Release : Any
Component : Spectrum Modeling
This is functioning as designed when modeling the Checkpoint device using an snmp v3 community string.
Reference the following from the "Certifying and supporting virtual systems within Check Point Firewall" section of the documentation:
10.2 certifies and enables discovery and modeling of virtual systems present in the Checkpoint Point Firewall.
Each Checkpoint Firewall has a Primary context and multiple Virtual contexts, which can be treated as separate Firewalls. The primary and virtual contexts share the same IP address, but maintain their own set of interfaces and routing tables. With SNMPv2, you cannot discover and model virtual systems, only the root context information can be fetched.
If you want to monitor virtual systems within a CheckPoint Firewall you need to have the Firewall configured with SNMPv3.
A separate container is created when DX NetOps Spectrum discovers a Check Point firewall device that has virtual systems. Using the context name to discover the virtual systems of the Checkpoint Firewall, DX NetOps Spectrum communicates with each virtual systems and fetches the corresponding interface information and other VPN, VSX, and connectivity related information.