Test Suite for Check Point Firewall 6.1r2-Beta1

Test Suite for Check Point Firewall 6.1r2-Beta1

Run on 2010-12-7 1291703082000


SDK Tests

# Test Name Result Details
11 Test presence of plug-in Check-Point_Firewall_6.1r2-Beta1.clz.zip exists and the file size is 1354300 bytes
12 Test presence of md5 file Check-Point_Firewall_6.1r2-Beta1.md5 exists and the file size is 150 bytes
13 Verify MD5 hash file Check-Point_Firewall_6.1r2-Beta1.clz.zip: OK Check-Point_Firewall_6.1r2-Beta1.spz.zip: OK
14 Test presence of documentation Check-Point_Firewall_6.1r2-Beta1.pdf exists and the file size is 253499 bytes
15 Test version revision history
16 Test presence of EULAs
17 Test presence of package xml package.xml exists in the plugin and the file size is 16093 bytes
21 Test package xml format ******** package.xml is well formed ********
22 Verify files in plugin All files listed in the package.xml are present in the plugin and their md5's match
23 Verify UUID matches previous version UUID is not unique or its not valid
25 Review plug-in description This Collector parses data from Check Point Firewall; see documentation for supported subproducts and connection modes.
26 Compare dates in package and docs
27 Test version in docs and packagexml

Plug-in Type Tests

# Test Name Result Details
11 Test presence of CollPack
12 Test presence of EULA in collpack
21 Verify single default CONNECTION METHOD Found 1 nodes: -- NODE -- LEA
22 Ensure all taxonomy is valid Line TaxonomyKey,Target,SubTarget,Action,SubAction,XDASTaxonomy,XDASOutcome in cp-taxonomy.map had problems: | Target unrecognized | SubAction unrecognizedLine TaxonomyKey,Target,SubTarget,Action,SubAction,XDASTaxonomy,XDASOutcome in taxonomy.map had problems: | Target unrecognized | SubAction unrecognized
24 Verify DeviceName with RV31
28 Verify Collector Pack UUID Conflict UUID is not unique or is not valid
29 Verify Collector Pack Controls Control 'Global Setup' is not found in package.xml Control 'Dashboard Status' is not found in package.xml Control 'Implementation Audit Trail' is not found in package.xml Control 'Event Trends' not found in package.xml Control 'Collector Management' is not found in package.xml
31 All events should have DeviceEventTime, DeviceEventTimeString, EventName, Message, Severity 41 events matched test criteria:<br/>The following events failed this test:<br/>Line 23: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1246498632" LogRecNum="29489" time=" 1Jul2009 11:08:56" orig="10.1.100.102" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={44A2F4E8-B906-4933-9516-BB606AEEF1C5};mgmt=smartcenter;date=1245313733;policy_name=AutoGenConnectraPolicy]" Memory consumption="11% - 38MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900<br/>Line 25: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1243467892" LogRecNum="65587" time="15Jun2009 17:34:52" orig="securview" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={DAA07925-C72B-403F-BF96-2D69DED567B2};mgmt=smartcenter;date=1245140353;policy_name=AutoGenConnectraPolicy]" Memory consumption="9% - 34MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900
32 All events should have an Observer IP or hostname 41 events matched test criteria:<br/>The following events failed this test:<br/>Line 23: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1246498632" LogRecNum="29489" time=" 1Jul2009 11:08:56" orig="10.1.100.102" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={44A2F4E8-B906-4933-9516-BB606AEEF1C5};mgmt=smartcenter;date=1245313733;policy_name=AutoGenConnectraPolicy]" Memory consumption="11% - 38MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900<br/>Line 25: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1243467892" LogRecNum="65587" time="15Jun2009 17:34:52" orig="securview" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={DAA07925-C72B-403F-BF96-2D69DED567B2};mgmt=smartcenter;date=1245140353;policy_name=AutoGenConnectraPolicy]" Memory consumption="9% - 34MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900
33 All events should report the Collector name and UUID 41 events matched test criteria:<br/>All events passed.
401 Account events (create, delete, modify, enable, disable, change password) should have InitUserName 0 events matched test criteria:<br/>
402 Account events (create, delete, modify, enable, disable, change password) should have TargetUserName 0 events matched test criteria:<br/>
403 All account queries should have TargetUserName 0 events matched test criteria:<br/>
404 User Login events should have TargetUserName 3 events matched test criteria:<br/>The following events failed this test:<br/>Line 8: et=Wed Jun 10 2009 03:18:11 GMT-0400 (EDT); evt=Log In - Failure; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Log In Administrator failed to log in: Wrong Password<br/>Line 9: et=Wed Jun 10 2009 03:19:03 GMT-0400 (EDT); evt=Log In - Success; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Log In Authentication method: Password based application token<br/>Line 22: et=Wed Jul 01 2009 11:04:58 GMT-0400 (EDT); evt=Login Success; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Success Internal Password
405 User Logout should have InitUserName 3 events matched test criteria:<br/>The following events failed this test:<br/>Line 6: et=Wed Jun 10 2009 03:17:30 GMT-0400 (EDT); evt=Log Out; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=Log Out<br/>Line 10: et=Wed Jun 10 2009 03:19:03 GMT-0400 (EDT); evt=Log Out; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=Log Out<br/>Line 12: et=Wed Jun 10 2009 03:20:24 GMT-0400 (EDT); evt=Log Out; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=Log Out
411 Trust events (create, delete, modify) should have InitUserName 1 events matched test criteria:<br/>The following events failed this test:<br/>Line 21: et=Thu Jun 18 2009 04:00:42 GMT-0400 (EDT); evt=keyinst; xdastaxname=XDAS_AE_CREATE_TRUST; msg=keyinst
412 Trust events (create, delete, modify) should have TargetTrustName 1 events matched test criteria:<br/>The following events failed this test:<br/>Line 21: et=Thu Jun 18 2009 04:00:42 GMT-0400 (EDT); evt=keyinst; xdastaxname=XDAS_AE_CREATE_TRUST; msg=keyinst
413 Trust events (query) should have TargetTrustName 0 events matched test criteria:<br/>
414 Trust events (associate, deassociate) should have InitUserName 0 events matched test criteria:<br/>
415 Trust events (associate, deassociate) should have TargetTrustName and TargetUserName 0 events matched test criteria:<br/>
416 Resource access to trust (grant, revoke) should have InitUserName 0 events matched test criteria:<br/>
417 Resource access to trust (grant, revoke) should have TargetTrustName and TargetDataName 0 events matched test criteria:<br/>
418 Resource access to user (grant, revoke) should have InitUserName 0 events matched test criteria:<br/>
419 Resource access to user (grant, revoke) should have TargetUserName and TargetDataName 0 events matched test criteria:<br/>
421 DataItem events (create, delete, modify) should have InitUserName 0 events matched test criteria:<br/>
422 DataItem events (create, delete, modify) should have TargetDataName 0 events matched test criteria:<br/>
423 DataItem events (open, close, modify, query) should have InitUserName 0 events matched test criteria:<br/>
424 DataItem events (open, close, modify, query) should have TargetDataName 0 events matched test criteria:<br/>
425 DataItem query attributes event should have TargetDataName 0 events matched test criteria:<br/>
431 Session Modification events should have InitUserName 0 events matched test criteria:<br/>
441 System events (start, shutdown) should have InitUserName 0 events matched test criteria:<br/>
442 System events (start, shutdown) should have TargetHostName or TargetIP 0 events matched test criteria:<br/>
443 Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have InitUserName 16 events matched test criteria:<br/>The following events failed this test:<br/>Line 2: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SOULSEEK<br/>Line 3: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SSH_WRONG_PORTS<br/>Line 4: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object MSExchangeDatabase<br/>Line 5: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object A510532FC-B1E6-4AB4-A447-89CA624D5F6B<br/>Line 7: et=Wed Jun 10 2009 03:17:30 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object ASMPostInstallProcedures<br/>Line 13: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard<br/>Line 14: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard<br/>Line 15: et=Wed Jun 10 2009 03:39:21 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object connectra_global_properties<br/>Line 16: et=Wed Jun 10 2009 03:39:43 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object securview<br/>Line 17: et=Wed Jun 10 2009 04:12:50 GMT-0400 (EDT); evt=Install Policy; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Install Policy securview<br/>Line 18: et=Thu Jun 18 2009 03:48:45 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl<br/>Line 32: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter<br/>Line 33: et=Wed May 27 2009 22:14:17 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl<br/>Line 34: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter<br/>Line 35: et=Mon Jun 15 2009 18:05:40 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl<br/>Line 36: et=Mon Jun 15 2009 16:24:39 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
444 Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have TargetServiceName 16 events matched test criteria:<br/>The following events failed this test:<br/>Line 2: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SOULSEEK<br/>Line 3: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SSH_WRONG_PORTS<br/>Line 4: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object MSExchangeDatabase<br/>Line 5: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object A510532FC-B1E6-4AB4-A447-89CA624D5F6B<br/>Line 7: et=Wed Jun 10 2009 03:17:30 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object ASMPostInstallProcedures<br/>Line 13: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard<br/>Line 14: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard<br/>Line 15: et=Wed Jun 10 2009 03:39:21 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object connectra_global_properties<br/>Line 16: et=Wed Jun 10 2009 03:39:43 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object securview<br/>Line 17: et=Wed Jun 10 2009 04:12:50 GMT-0400 (EDT); evt=Install Policy; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Install Policy securview<br/>Line 18: et=Thu Jun 18 2009 03:48:45 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl<br/>Line 32: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter<br/>Line 33: et=Wed May 27 2009 22:14:17 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl<br/>Line 34: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter<br/>Line 35: et=Mon Jun 15 2009 18:05:40 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl<br/>Line 36: et=Mon Jun 15 2009 16:24:39 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
445 Service events (config, query) should have TargetServiceName 0 events matched test criteria:<br/>
451 Resource events (backup) should have InitUserName 1 events matched test criteria:<br/>The following events failed this test:<br/>Line 11: et=Wed Jun 10 2009 03:19:20 GMT-0400 (EDT); evt=File Retrieved; xdastaxname=XDAS_AE_RECOVER_DATASTORE; msg=File Retrieved sd_updates
452 Resource events (backup) should have TargetDataName 1 events matched test criteria:<br/>The following events failed this test:<br/>Line 11: et=Wed Jun 10 2009 03:19:20 GMT-0400 (EDT); evt=File Retrieved; xdastaxname=XDAS_AE_RECOVER_DATASTORE; msg=File Retrieved sd_updates
453 Resource events (corrupt, exhaust) should have TargetDataName 0 events matched test criteria:<br/>
461 All WorkFlow events should have TargetDataName and TargetDataContainer 0 events matched test criteria:<br/>
471 Malware infected events should have TargetDataName 0 events matched test criteria:<br/>
472 Malware infected events should have TargetHostName or TargetIP 0 events matched test criteria:<br/>

Release Tests

# Test Name Result Details

Comparison Tests

Comparison of this version with previous prototype/beta version.

Comparison of this version with previous released version.