Overview
CloudGuard Central License A Central License is a CloudGuard Security Gateway license. It is deployed and managed on the Security Management Server or Multi-Domain Server and distributed from a license pool to all CloudGuard Security Gateways connected to corresponding Management Servers. is a dynamic pooled license structure offered on the Check Point Security Management Server and Multi-Domain Server. This feature simplifies and improves the CloudGuard Security Gateway licensing procedure. The CloudGuard Central License is deployed and managed on the Security Management Server or Multi-Domain Server, which automatically distributes the license to as many CloudGuard Security Gateways as necessary. All newly deployed CloudGuard Security Gateways automatically receive a license from the tool.
The Central License tool supports:
-
Scalability of CloudGuard Security Gateway instances and virtual cores.
-
CloudGuard License generation and automatic installation.
-
Easy central management of existing and new licenses.
Supported Solutions
-
All public and private cloud solutions of Check Point Security Management Servers and Multi-Domain Security Management Servers
Supported versions: R80.20 and higher
-
All CloudGuard Security Gateways that run on public and private cloud platforms and have Check Point's IaaS CloudGuard solutions: Amazon Web Services (AWS Amazon® Web Services. Public cloud platform that offers global compute, storage, database, application and other cloud services.), Microsoft Azure Collection of integrated cloud services that developers and IT professionals use to build, deploy, and manage applications through a global network of data centers managed by Microsoft®., Google Cloud Platform (GCP Google® Cloud Platform is a suite of products and services that includes hosting, cloud computing, database services and more.), VMware ESXi, NSX-T, Hyper-V, OpenStack An open source cloud-computing infrastructure for service providers and enterprises. It includes modules for administration, storage, networking and Virtual Machine deployment and control., and KVM.
Note - NSX-V is not supported with this tool.
Supported versions: R80.10 and higher
Prerequisites
-
When you work in Multi-Domain Server in MDS (System) mode (see Multi-Domain Server Specifications), each Domain must have connectivity to the Internet. Make sure that the DNS and proxy are configured correctly. (The proxy is configured in SmartConsole on each domain explicitly, configuring in Gaia WebUI of the domain is not enough. The proxy configuration is located in the SmartConsole menu below Global Properties)
-
For the tool to recognize the gateways, it is necessary to install policy.
|
Best Practice - We recommend that the single Management Server and the Multi-Domain Server (when you work in Domain mode) have connectivity to the Internet. Internet connectivity lets the tool to automatically import the contracts of the licenses from the User Center. If you do not have Internet connectivity, then you must import the blade contracts manually. |