Check Point: installation, initial setup and organization of a cluster of two firewall modules
Check Point introduced a new version of its Gaia operating system, R77, this year.
Among the main innovations are:
• Threat Emulation
• HyperSPECT technology
• New software blades (Compliance Blade) and more than 50 new features.
This article is a guide for beginners working with Check Point equipment: what to do with it, how to prepare it for work, and so on. It also explains how to organize a cluster of two firewall modules. Although management can run on one of the cluster nodes starting with Gaia R76, this guide describes the “old-fashioned” method: two firewall modules plus separate management.
Threat Emulation - protection against 0-day attacks. It works on the following principle:
1. Inspects the file.
2. Runs it on several operating systems.
3. If the file is malicious, it is blocked.
4. If the file is not malicious, the end user is allowed to open it.
HyperSPECT technology - accelerates security gateways by up to 50%. Below is a diagram from the vendor:
Compliance Blade - checks equipment settings against information security standards. At the moment Check Point “knows” these standards:
The same figure shows how it works.
As mentioned above, we have a task: two firewall modules plus separate management.
To complete this task you will need:
• The first firewall module with Gaia R77 installed (3 network interfaces);
• Second firewall module with installed Gaia R77 (3 network interfaces);
• Management server with installed Gaia R77;
• Administrator workstation with SmartConsole installed.
1. Installing Gaia R77 OS on firewall modules.
1.1. Boot from the boot disk / flash drive and select “Install Gaia on this system”.
1.2. Confirm OS installation, click OK. Select the US language layout and click OK.
1.3. In the next window, enter the administrator password, then the server IP address, then confirm the formatting of the hard disk and wait for the installation to complete.
1.4. Similarly, install the OS on the second firewall module and management server.
2. Initial setup of Gaia R77
2.1. Go to the web interface of the firewall module. In our case, this is the initial configuration of the first node, IP address - 172.16.1.15.
2.2. Log in to the web interface, click Next in the initial setup wizard.
2.3. Check the network interface settings, specify the host name, time zone.
2.4. In the next menu, check “Security Gateway or Security Management”
2.5. If you are configuring one of the firewall modules, select the configuration shown on the screen, enter the SIC activation key, click Finish and wait for the reboot.
2.6. If you are configuring the management server, select the configuration shown on the screen, optionally change the username / password, specify which hosts may connect as GUI clients, and click Finish.
3. Installing SmartConsole
3.1. To download SmartConsole, go to the web interface of one of the firewall modules or of the management server. In the Maintenance section, select Download Smart Console and click the Download button.
3.2. After downloading SmartConsole, start the installation process; additional components will be required for installation.
3.3. After the above components are installed, the installation of SmartConsole itself begins. The installation process is shown in the screenshots below.
4. Cluster organization with two firewall modules
After the work done above, we have the following result:
• Installed / originally configured OS on the first firewall module.
• Installed / originally configured OS on the second firewall module.
• Installed / originally configured OS on the management server.
• SmartConsole is installed on the administrator's workstation with Windows XP preinstalled.
4.1. Launch SmartDashboard, enter the username / password and IP address of the management server.
4.2. In the open SmartDashboard, select the “More” section, the “Desktop” item.
4.3. Next, add the firewall modules to SmartCentre.
To do this, select the Check Point folder on the left, open the context menu and select the “Security Gateway / Management” item. Then select “Classic mode”.
4.4. Enter the host name, IP address and click Communication.
4.5. Enter the Activation Key and press the “Initialize” button; if the operation is successful, Trust established appears. After this action, click “OK”, in the next window, click “Close”. Repeat this step for the second firewall module.
4.6. After adding firewall modules to SmartCentre, we have the following picture:
4.7. On the left, select the Check Point section, open the context menu, select Security Cluster => Check Point Appliance / Open server.
4.8. Specify the name of the created cluster and its IP address. Go to the “Cluster member” tab and add two firewall modules.
4.9. Next, go to the Topology section and click the Edit button.
4.10. Select a configuration as indicated on the screen.
After that, click “Get” => “All Members' Interfaces with Topology” and click OK.
Then do the following: Save => Install policy.
As a result of these actions, we have assembled a cluster of 2 firewall nodes. Next, you need to define the firewall rules and configure the remaining blades.
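An added example, not part of the original article: a pre-flight check of the cluster address plan to run before steps 4.8-4.10. It assumes that each cluster address sits in the same subnet as the matching member interfaces and that the sync network has no cluster address. The names fw1/fw2, the interface roles and every address except 172.16.1.15 are constructed.

```python
import ipaddress

# Constructed address plan: only 172.16.1.15 (first node) comes from the article.
# The roles external/internal/sync are assumed; the article only says "3 network interfaces".
PLAN = {
    "members": {
        "fw1": {"external": "172.16.1.15/24", "internal": "10.10.0.2/24", "sync": "192.168.255.1/30"},
        "fw2": {"external": "172.16.1.16/24", "internal": "10.10.0.3/24", "sync": "192.168.255.2/30"},
    },
    # Cluster (virtual) addresses; the sync network carries none.
    "cluster": {"external": "172.16.1.14", "internal": "10.10.0.1"},
}


def check_plan(plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    members = {name: {role: ipaddress.ip_interface(addr) for role, addr in ifs.items()}
               for name, ifs in plan["members"].items()}
    roles = [set(ifs) for ifs in members.values()]
    if any(r != roles[0] for r in roles):
        return ["members do not have the same set of interfaces"]
    problems = [f"{name}: expected 3 interfaces, found {len(ifs)}"
                for name, ifs in members.items() if len(ifs) != 3]
    for role in sorted(roles[0]):
        nets = {ifs[role].network for ifs in members.values()}
        ips = [ifs[role].ip for ifs in members.values()]
        if len(nets) != 1:
            problems.append(f"{role}: members are on different subnets")
            continue
        if len(set(ips)) != len(ips):
            problems.append(f"{role}: duplicate member address")
        vip = plan["cluster"].get(role)
        if role == "sync":
            if vip is not None:
                problems.append("sync: must not have a cluster address")
            continue
        if vip is None:
            problems.append(f"{role}: no cluster address defined")
            continue
        vip, net = ipaddress.ip_address(vip), next(iter(nets))
        if vip not in net:
            problems.append(f"{role}: cluster address {vip} is outside {net}")
        elif vip in ips or vip in (net.network_address, net.broadcast_address):
            problems.append(f"{role}: cluster address {vip} is not usable")
    return problems


if __name__ == "__main__":
    print(check_plan(PLAN) or "address plan is consistent")
```

An empty result means the plan is internally consistent; any message names the interface role to fix before fetching the topology in SmartDashboard.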