Scribd
Upload
16 views

SBT - Chapter 2 - Introduction To Check Point Deployment

The document discusses Check Point software deployment options including Check Point appliances, open servers, cloud computing, and Check Point's scalable platform. It also covers Check Point's security architecture which includes security gateways, security management servers, and smart consoles. The document concludes with considerations for standalone, distributed, and bridge mode deployments as well as upgrade options.

Uploaded by

khanhxh.zt
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
16 views

SBT - Chapter 2 - Introduction To Check Point Deployment

The document discusses Check Point software deployment options including Check Point appliances, open servers, cloud computing, and Check Point's scalable platform. It also covers Check Point's security architecture which includes security gateways, security management servers, and smart consoles. The document concludes with considerations for standalone, distributed, and bridge mode deployments as well as upgrade options.

Uploaded by

khanhxh.zt
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

SOFTWARE BLADES

TRAINING
Chapter 2:
INTRODUCTION TO CHECK POINT DEPLOYMENT

©2022 Check Point Software Technologies Ltd. 1


Deployment Option

▪ The constantly changing variation of software products has fostered the emergence
of specialized roles for administrators to manage the deployment process. There are
different deployment scenarios for Check Point software Products
• Check Point Appliances
• Open Servers
• Cloud Computing
• Scalable Platform

©2022 Check Point Software Technologies Ltd. 2


Checkpoint Appliances

• Check Point appliances are built with flexibility and expansion capability to meet the
diverse requirements for today’s enterprise networks. They are designed to be
flexible in order to meet throughput requirements

©2022 Check Point Software Technologies Ltd. 3


Open Servers
Vendor R81
• Check Point software technology can also Cisco C220 M5L, C240 M5S\M5SX\M4S
deployed on open servers, or non-Check Point
hardware Dell PowerEdge R330, R630, R640,
R740/R740XD,R730,R620,R720
• Open servers provide the benefit of bringing Fujitsu PRIMERGY RX2540 M5/M4/M1
your own hardware, which provides the ability to RX2530 M1/ RX1330 M1
increase RAM, CPU, and disk space RX100 S8/ RX200 S8/RX300 S8
• With open servers, licensing is not hardware RX100 S7PRX200 S7/ RX300 S7
dependent and can be transferred between old HP ProLiant DL360 G9/G10, DL380 G9/G10
and new hardware. DL60 Gen9, DL320e G8 v2, BL460c G8
DL360p G8, DL380p G8
• Hardware compatibility must be approved for
the device to work and be supported by Check IBM x3550 M4/M5, x3650 M5, x3250 M4, x3530 M4,
x3540 M4
Point
Kontron Cobalt 901
Lenovo Think System SR850P, SR650
Super- Super Server 6018U-TR4T+
micro

©2022 Check Point Software Technologies Ltd. 4


Cloud Computing

• Check Point software technology can also support deploy in the cloud, both for
private & public cloud
2 gateways in 2 zones Gateway Autoscaling
Public IP
External LB

Public IP Public IP

Subnet Subnet Suitable for scattered Subnet Subnet

applications between zones

Internal LB

Web Web Web Web


Subnet- DB DB DB DB
Subnet- Subnet- Subnet-
1 Subnet-1
2
Subnet-2
Fit to the northbound-hub or 1
Subnet-1
2 Subnet-2

workloads with fluctuating


Zone1 Zone2

virtual private cloud


throughput Zone
1
Zone2
virtual private cloud

©2022 Check Point Software Technologies Ltd. 5


Scalable Platform
3.0 Tbps
Maestro Base Configuration

MHO175
Maestro
Hyperscale Span

from 2 to 15
400 Gbps
Maestro Span

MLS200
Beginning

2x MLS200
2x MLS200
400 Gbps
400 Gbps

Scale from 400 Gbps to 3 Tbps with Maestro*


* Or achieve the same 3 Tbps with 8x MLS400 + Maestro

©2022 Check Point Software Technologies Ltd. 6


Check Point Security Architecture

▪ The 3 mains components of the Check Point Security Management


Architecture include:
• Security Gateways: entry point and cyber barriers to traffic
• Security Management Server (SMS): manages Security Gateways with
defined security policies & monitors security events on the network
• Smart Console: the Check Point GUI for connection to the management
section of the Security Management Servers

©2022 Check Point Software Technologies Ltd. 7


Deployment Considerations

Standalone Deployment
• Security Management Server & Security Gateway installed on the same
computer or appliance

©2022 Check Point Software Technologies Ltd. 8


Deployment Considerations

Distributed Deployment
• Security Management Server & Security Gateway installed on different
computers or appliances

©2022 Check Point Software Technologies Ltd. 9


Deployment Considerations

Bridge Mode
• A Bridge Mode deployment adds a Security Gateway to an existing
environment without changing IP routing

©2022 Check Point Software Technologies Ltd. 10


Upgrade

• CPUSE
• Deployment Agent
• Jumbo Hotfix

©2022 Check Point Software Technologies Ltd. 11


HANDS-ON LAB

02 CP Security 101 Gaia Lab

©2022 Check Point Software Technologies Ltd. 12


Lab Access
Class URL: https://checkpoint-training.site/classroom/NR9v/login
Class Password: 123

©2022 Check Point Software Technologies Ltd. 13


LAB LIST
• 02 CP Security 101 Gaia Lab
• 06 HTTPS Inspection Lab
• 07 Identity Awareness Lab
• 08 Safe Internet Use Lab

• 04 SmartLog - SmartEvent Lab


• 10 Security Management Lab
• 12 Network Threat Prevention Lab

• 17 Endpoint Threat Prevention Lab


• 18 R80 REST API Lab

©2022 Check Point Software Technologies Ltd. 14


Thank you!

©2022 Check Point Software Technologies Ltd. 15

You might also like