</tbody> </table> [Source CheckPoint sk97638](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638 "Liste des process CheckPoint sk97638")

Type	Démons	Démon Fils	Description
Type	Démons	Démon Fils	Description
Gaia Processes and Daemons	pm	-	Gaia OS Process Manager. Controls other processes and daemons.
Gaia Processes and Daemons	pm	confd	Database and configuration.
Gaia Processes and Daemons	pm	searchd	Search indexing daemon.
Gaia Processes and Daemons	pm	clishd	Gaia Clish CLI interface process - general information for all Clish sessions.
Gaia Processes and Daemons	pm	clish	Gaia Clish CLI interface process - Clish process per session.
Gaia Processes and Daemons	pm	routed	Routing daemon.
Gaia Processes and Daemons	pm	httpd2	Web server daemon (Gaia Portal).
Gaia Processes and Daemons	pm	monitord	Hardware monitoring daemon.
Gaia Processes and Daemons	pm	rconfd	Provisioning daemon.
Gaia Processes and Daemons	pm	cloningd	Cloning Groups daemon.
Gaia Processes and Daemons	pm	dhcpd	DHCP server daemon.
Gaia Processes and Daemons	pm	snmpd	SNMP (Linux) daemon.
Gaia Processes and Daemons	sshd	-	SSH daemon.
Gaia Processes and Daemons	syslogd	-	Syslog (Linux) daemon.
Gaia Processes and Daemons	DAService	-	CPUSE (former 'Gaia Software Updates') service (sk98926 and sk92449).
Infrastructure Processes	cpwd	-	WatchDog is a process that launches and monitors critical processes such as Check Point daemons on the local machine, and attempts to restart them if they fail. Among the processes monitored by Watchdog are cpd, fwd and fwm. Watchdog is controlled by the cpwd_admin utility. To learn how to start and stop various daemons, run cpwd_admin command.
Infrastructure Processes	cpd	-	"Port 18191 - Generic process (add-ons container) for many Check Point services, such as installing and fetching policy, and online updates Port 18211 - SIC push certificate (from Internal CA) Note: 'cpwd_admin list' command shows the process as ""CPD""."
Infrastructure Processes	sms	-	"Manages communication (status collection, logs collection, policy update, configuration update) with UTM-1 Edge Security Gateways. This process runs only on Security Management Server / Multi-Domain Security Management Servers that manage UTM-1 Edge devices. Note: 'cpwd_admin list' command shows the process as ""VPN-1 Embedded Connector""."
Firewall Blade Gateway	fwd	-	"Logging. Spawning child processes (e.g., vpnd) Note: 'cpwd_admin list' command shows the process as ""FWD""."
IPSec VPN Blade Gateway	vpnd	-	"IKE (UDP/TCP) SSL Network Extender Remote Access Client configuration Visitor Mode NAT-T Tunnel test Topology Update for SecureClient RDP L2TP "
Mobile Access Blade Gateway	cvpnd	-	"Back-end daemon of the Mobile Access Software Blade. Note: 'cpwd_admin list' command shows the process as ""CVPND""."
Mobile Access Blade Gateway	dbwriter	-	"Offload database commands from cvpnd (to prevent locks) and syncronize with other members. Note: 'cpwd_admin list' command shows the process as ""DBWRITER""."
Mobile Access Blade Gateway	cvpnproc	-	"Offload blocking commands from cvpnd (to prevent locks). Example: sending DynamicID. Note: 'cpwd_admin list' command shows the process as ""CVPNPROC""."
Mobile Access Blade Gateway	MoveFileServer	-	"Move files between cluster members in order to perform database synchronization. Note: 'cpwd_admin list' command shows the process as ""MOVEFILESERVER""."
Mobile Access Blade Gateway	Pinger	-	"Offload long-lasting requests from httpd. Note: 'cpwd_admin list' command shows the process as ""PINGER""."
Mobile Access Blade	CvpnUMD	-	"Report SNMP connected users to AMON. Note: 'cpwd_admin list' command shows the process as ""CVPNUMD""."
Mobile Access Blade Gateway	httpd	-	Front-end daemon of the Mobile Access Software Blade (multi-processes).
Identity Awareness Blade Gateway	pepd	-	"Policy Enforcement Point daemon Receiving identities via identity sharing Redirecting users to Captive Portal Note: 'cpwd_admin list' command shows the process as ""PEPD""."
Identity Awareness Blade Gateway	pdpd	-	"Policy Decision Point daemon Acquiring identities from identity sources Sharing identities with another gateways Note: 'cpwd_admin list' command shows the process as ""PDPD""."
DLP blade Gateway	fwdlp	-	DLP core engine that performs the scanning / inspection.
DLP blade Gateway	cp_file_convert	-	Used to convert various file formats to simple textual format for scanning by the DLP engine.
DLP blade Gateway	dlp_fingerprint	-	Used to identify the data according to a unique signature known as a fingerprint stored in your repository.
DLP blade Gateway	cserver	-	"Check Server that either stops or processes the e-mail. Note: 'cpwd_admin list' command shows the process as ""DLP_WS""."
DLP blade Gateway	dlpu	-	"Receives data from Check Point kernel. Note: 'cpwd_admin list' command shows the process as ""DLPU_N""."
DLP blade Gateway	fwucd	-	"UserCheck back-end daemon that sends approval / disapproval requests to user. Note: 'cpwd_admin list' command shows the process as ""FWUCD""."
Threat Emulation Blade Gateway	ted	-	Threat Emulation daemon engine - responsible for emulating files and communication with the cloud.
Threat Emulation Blade Gateway	dlpu	-	"DLP process - receives data from Check Point kernel. Note: 'cpwd_admin list' command shows the process as ""DLPU_N""."
IPS Blade Gateway	in.geod	-	Updates the IPS Geo Protection Database.
URL Filtering Blade Gateway	rad	-	"Resource Advisor - responsible for the detection of Social Network widgets. The detection is done via an online service available at Check Servers which identifies specific URLs as applications. Note: 'cpwd_admin list' command shows the process as ""RAD""."
Anti-Bot Blade Gateway	acapd	-	Packet capturing daemon for SmartView Tracker logs.
Anti-Bot Blade Gateway	rad	-	"Resource Advisor - responsible for the detection of Social Network widgets. The detection is done via an online service available at Check Servers which identifies specific URLs as applications. Note: 'cpwd_admin list' command shows the process as ""RAD""."
Anti-Virus Blade Gateway	acapd	-	Packet capturing daemon for SmartView Tracker logs.
Anti-Virus Blade Gateway	dlpu	-	"DLP process - receives data from Check Point kernel. Note: 'cpwd_admin list' command shows the process as ""DLPU_N""."
Anti-Virus Blade Gateway	rad	-	"Resource Advisor - responsible for the detection of Social Network widgets. The detection is done via an online service available at Check Servers which identifies specific URLs as applications. Note: 'cpwd_admin list' command shows the process as ""RAD""."
Anti-Spam Blade Gateway	in.emaild.smtp	-	SMTP Security Server that receives e-mails sent by user.
Anti-Spam Blade Gateway	msd	-	Mail Security Daemon that queries the Commtouch engine for reputation.
Anti-Spam Blade Gateway	ctasd	-	Commtouch Anti-Spam daemon.
Anti-Spam Blade Gateway	ctipd	-	Commtouch IP Reputation daemon.
Monitoring Blade Gateway	rtmd	-	"Real Time traffic statistics. Note: 'cpwd_admin list' command shows the process as ""RTMD""."
Monitoring Blade Gateway	cpstat_monitor	-	"Process is responsible for SmartView Monitor. Note: 'cpwd_admin list' command shows the process as ""CPSM""."
HTTPS Inspection Gateway	wstlsd	-	Handles SSL handshake for HTTPS Inspected connections.
Network Policy Management Blade Management	fwm	-	"Communication between SmartConsole applications and Security Management Server. Note: 'cpwd_admin list' command shows the process as ""FWM""."
Endpoint Policy Management Blade Management	epm	-	Endpoint Management Server.
Endpoint Policy Management Blade Management	httpd	-	Communication with Endpoint Clients.
Monitoring Blade Management	rtmd	-	"Real Time traffic statistics. Note: 'cpwd_admin list' command shows the process as ""RTMD""."
Monitoring Blade Management	cpstat_monitor	-	"Process is responsible for SmartView Monitor. Note: 'cpwd_admin list' command shows the process as ""CPSM""."
Provisioning Blade Management	status_proxy	-	"Status collection of ROBO Gateways - SmartLSM/SmartProvisioning status proxy. This process runs only on Security Management Server / Domain Management Servers that are activated for Large Scale Management. Note: 'cpwd_admin list' command shows the process as ""SPTR""."
SmartReporter Blade Management	SVRServer	-	"Controller for the SmartReporter product. Traffic is sent via SSL. Note: 'cpwd_admin list' command shows the process as ""SVR""."
SmartReporter Blade Management	log_consolidator	-	"Log Consolidator for the SmartReporter product. Note: 'cpwd_admin list' command shows the process as ""LC_""." </td></tr>
SmartReporter Blade Management	dbsync	-	"DBsync enables SmartReporter to synchronize data stored in different parts of the network. After SIC is established, DBsync connects to the management server to retrieve all the objects. After the initial synchronization, it gets updates whenever an object is saved. In distributed information systems DBsync provides one-way synchronization of data between the Security Management Servers object database and the SmartReporter computer, and supports configuration and administration of distributed systems. Note: 'cpwd_admin list' command shows the process as ""DBSYNC""."
SmartReporter Blade Management	postgres	-	PostgreSQL server.
SmartEvent Blade Management	cpsead	-	"Responsible for Correlation Unit functionality. Note: 'cpwd_admin list' command shows the process as ""CPSEAD""."
SmartEvent Blade Management	cpsemd	-	"Responsible for logging into the SmartEvent GUI. Note: 'cpwd_admin list' command shows the process as ""CPSEMD""."
SmartEvent Blade Management	dbsync	-	"DBsync enables SmartEvent to synchronize data stored in different parts of the network. In distributed information systems DBsync provides one-way synchronization of data between the Security Management Servers object database and the SmartEvent computer, and supports configuration and administration of distributed systems. DBsync initially connects to the Management Server, with which SIC is established. It retrieves all the objects and after the initial synchronization it gets updates whenever an object is saved. Note: 'cpwd_admin list' command shows the process as ""DBSYNC""."
SmartEvent Blade Management	postgres	-	PostgreSQL server.
Logging & Status Blade Management	cplmd	-	In order to get the data that should be presented in SmartView Tracker, FWM spawns a child process CPLMD, which reads the information from the log file and performs unification (if necessary). Upon receiving an answer from CPLMD, FWM transfers it to SmartView Tracker.
Management Portal Management	cpwmd	-	"Check Point Web Management Daemon. Note: 'cpwd_admin list' command shows the process as ""CPWMD""."
Management Portal Management	cp_http_server	-	"HTTP Server for Management Portal (SmartPortal) and for OS WebUI. Note: 'cpwd_admin list' command shows the process as ""CPHTTPD""."
SmartLog Management	smartlog_server	-	"SmartLog product. Note: 'cpwd_admin list' command shows the process as ""SMARTLOG_SERVER""."
Internal CA Management	cpca	-	"Check Point Internal Certificate Authority: SIC certificate pulling Certificate enrollment CRL fetch Admin WebUI "
Additional Processes	mpdaemon	-	"On Security Gateway and Management Server. Platform Portal / Multi Portal (https://IP_Address/). Each portal has his own Apache server (which can have multiple processes). 'mpdaemon' process is responsible for starting these web servers. Note: 'cpwd_admin list' command shows the process as ""MPDAEMON""."
Additional Processes	avi_del_tmp_files	-	"On Security Gateway and Management Server. Shell script (from '$FWDIR/bin/') that periodically deletes various old temporary Anti-Virus files. Note: 'cpwd_admin list' command shows the process as ""CI_CLEANUP""."
Additional Processes	ci_http_server	-	"On Security Gateway. HTTP Server for Content Inspection. Note: 'cpwd_admin list' command shows the process as ""CIHS""."
Additional Processes	cpviewd	-	"On Security Gateway and Management Server. CPView daemon (sk101878). Note: 'cpwd_admin list' command shows the process as ""CPVIEWD""."
Additional Processes	cp_http_server	-	"On Security Gateway and Management Server. HTTP Server for OS WebUI and Management Portal (SmartPortal). Note: 'cpwd_admin list' command shows the process as ""CPHTTPD""."
Additional Processes	cpsnmpd	-	"On Security Gateway and Management Server. Listens on UDP port 260 and is capable of responding to SNMP queries for Check Point OIDs only (under OID .1.3.6.1.4.1.2620) Accepts only SNMPv1 Supplied as a part of Check Point Suite ($CPDIR/bin/cpsnmpd) "