Setting up Harmony SASE Integration – Check Point Software Technologies

Summary

In order for the Check Point MDR team to monitor your SASE data we will require integration with your Check Point Portal.

Note: Prior to completing these steps, your SASE service should be enabled, licensed, and configured.

For MDR alerting, please configure the Threat Prevention Policy in the SASE Admin Guide.

If you require additional assistance in completing the configuration of your SASE service please contact your sales engineer.

For additional MDR assistance, open a ticket in the MDR Customer portal under "MDR Support" or if you are currently onboarding reply to your welcome email, and we will schedule a time to assist.

Note: We will need these three items filled in on the MDR customer portal profile page when adding the integration also ensure the procedure outlined below is completed before adding:

Client ID
Client Secret
Cloud Region

Required: Adding MDR SOC Access

Before submitting the integration on the MDR Portal please add Daniel Green danielgree@checkpoint.com to your Harmony SASE user pool. This is our SOC manager, he requires this access to do the following:

He will add the MDR SOC team to your tenant as read only so that they can fully investigate malicious alerts seen from your environment.

STEPS:

Select the Gear Icon>Users and select New in the toolbar.
In the Name field, enter a user name. Daniel Green
In the Email field, enter the new user's email address. danielgree@checkpoint.com
In the Global Roles field, select the roles for the new user from the list. You can select multiple roles for each user. Please select "Admin"
Click Add to save.