MHO-175 Front Panel

Important - This section describes the default configuration. It is possible to change the port type (Management, Uplink, and Downlink) in the Gaia Operating System on the Quantum Maestro Orchestrator A scalable Network Security System that connects multiple Check Point Security Appliances into a unified system. Synonyms: Orchestrator, Quantum Maestro Orchestrator, Maestro Hyperscale Orchestrator. Acronym: MHO.. See the Maestro Administration Guide for your version > Chapter Configuring Security Groups > Section Configuration Procedure > Section Configuring Security Groups in Gaia Clish > Section Configuring the Port Settings.

Item

Description

Port 1 (colored green), through which you manage the Security Groups A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected..

To this port you connect:

Check Point Management Servers.
Clients, from which you configure the Gaia Operating System (Gaia Portal and Gaia Clish) on the Security Appliances connected to the Downlink ports Interfaces on the Quantum Maestro Orchestrator used to connect to Check Point Security Appliances. You use DAC cables, Fiber cables (with transceivers), or Breakout cables to connect between the Downlink ports and Security Appliances. The Check Point Management traffic (policy, logs, synchronization, and so on) co-exists with the data (user) traffic on the Downlink ports. Bandwidth is guaranteed for the Check Point Management traffic (portion of the downlink bandwidth). These ports form the system backplane (management, data plane, synchronization). (3).

Important - It is possible to use only this one port to manage the Security Groups.

Only this port supports the Gaia Clish command "show maestro port <ID> type management".

Ports 2 - 16 (colored gray) are the Uplink ports Interfaces on the Quantum Maestro Orchestrator used to connect to external and internal networks. Gaia operating system shows these interfaces in Gaia Portal and in Gaia Clish. SmartConsole shows these interfaces in the corresponding SMO Security Gateway object. 25 Gbps / 40 Gbps / 100 Gbps.

To these ports you connect your external traffic and internal traffic networks.

You use DAC or Fiber cables (with transceivers).

Note - The 25 Gbps speed is available in:

Check Point R81.20 and higher
R81.10 Jumbo Hotfix Accumulator Take 110 and higher (MBS-14158)

Ports 17 - 30 (colored orange) are the Downlink ports.

To these ports you connect your Check Point Security Appliances.

You use DAC or Fiber cables (with transceivers).

Important - It is not supported to configure these ports as Uplink.

Port 31 (colored yellow) is the External Synchronization port in the Dual Site configuration.

You connect a DAC cable Direct Attach Copper cable. A form of the high-speed shielded twinax copper cable with pluggable transceivers on both ends. Used to connect to network devices (switches, routers, or servers). between ports 31 on two Quantum Maestro Orchestrators See "Maestro Orchestrator". MHO-175 for redundancy between different sites.

In the Port Split mode (see MHO-175 Splitting Options):

1st, 2nd, and 3rd splits are Downlinks.
4th split is the External Sync.

Important - It is not supported to configure this port as Uplink.

Micro USB 2.0 port. See USB Port.

LEDs. See LEDs.

RJ45 port with the label . See MGMT Ports.

To this port you connect a client, from which you configure the Gaia Operating System on the Quantum Maestro Orchestrator (in Gaia Portal, or Gaia Clish).

RJ45 port with the label . See Console Port.

To this port you connect a client, from which you configure the Gaia Operating System on the Quantum Maestro Orchestrator (in Gaia Clish).

Reset button with the label (R). See Reset Button.

Port 32 (colored blue) is the Internal Synchronization port.

You connect a DAC cable between ports 32 on two Quantum Maestro Orchestrators MHO-175 for redundancy on the same site.

Important - It is not supported to change the default type of this port ("ssm_sync").

Button to select indication states for the splitting control LEDs. See MHO-175 Splitting Options.

Splitting control LEDs that show the indication state for Port LEDs:

State of which port to show (without a split cable).
State of which split port to show (in 1-to-2 split, or 1-to-4 split).

See MHO-175 Splitting Options.

Port LEDs that show the status of all ports (including the split ports).

Notes:

It is possible to connect DAC or Fiber cable (with transceivers) to each port (from 1 to 32).
It is possible to connect Breakout cables An optical fiber cable that contains several jacketed simplex optical fibers that are packaged together inside an outer jacket. Synonyms: Fanout cable, Fan-Out cable, Splitter cable. to each port. See MHO-175 Splitting Options.

Warning - Only ports 1, 2, 31, and 32 support transceivers that require more than 5W (for example, CPAC-TR-100ERL4).