vRealize Network Insight currently supports post R80 version of the Check Point firewall.

You can perform a query for all the Check Point entities that are supported by vRealize Network Insight. All the entities are prefixed by Check Point. Some of the queries for Check Point are as follows:

Table 1.

Entities in Check Point




Check Point Address Range

Check Point Network

vm where Address Range = <>

vm where Address Range = <>

Check Point Address Range where Translated VM = <>


Check Point Network Group

Check Point Network Group where Translated VM = <>

vm where Network Group = <>

Service/ Service Group

Check Point Service

Check Point Service Group

Check point service where Port = <>

Check point service where protocol = <>

Access Layer

Check Point Access Layer

Check Point Policy where Access Layer = <>

Policy Package

Check Point Policy package

Check Point Policy where Policy Package = <>

Check Point Policy Package where Rule = <>


Check Point Policy

Check point policy where source ip = <> and Destination IP = <>

Rule where source ip = <> and Destination IP = <> (will display other rules- nsx, redirect along with check point policies in the system)

Gateways and Gateway Cluster

Check Point Gateway

Check Point Gateway Cluster

Check Point Gateway Cluster where Policy Package = <>

A sample Check Point Manager dashboard is shown as follows:

Also, in a VM-VM topology, you can see the Check Point Service VMs on a host to signify the Check Point rules applied on particular traffic.


Check Point Multi-Domain Management Server (MDS/Provider-1) is not supported as a data-source.

You can view some system events related to the following scenarios for Check Point:

  • NSX fabric agent not found on the ESX for check point gateway.

  • Check Point service VM not found.

  • Check Point gateway sic status not communicating.

  • Discovery and update events for check point entities like address range, networks, policies, groups, policy package, service, service group, and so on.