Overview
CloudGuard Central License is a dynamic pooled license structure offered on the Check Point Security Management Server and Multi-Domain Server. This feature simplifies and improves the CloudGuard Security Gateway licensing procedure. The CloudGuard Central License is deployed and managed on the Security Management Server or Multi-Domain Server, which automatically distributes the license to as many CloudGuard Security Gateways as necessary. All newly deployed CloudGuard Security Gateways automatically receive a license from the tool.
The Central License tool supports:
-
Scalability of CloudGuard Security Gateway instances and virtual cores.
-
CloudGuard License generation and automatic installation.
-
Easy central management of existing and new licenses.
Supported Solutions
-
All public and private cloud solutions of Check Point Security Management Servers and Multi-Domain Security Management Servers
Supported versions: R80.20 and higher
-
All CloudGuard Security Gateways that run on public and private cloud platforms and have Check Point's IaaS CloudGuard solutions: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), VMware ESXi, NSX-T, Hyper-V, OpenStack, and KVM.
Note - NSX-V is not supported with this tool.
Supported versions: R80.10 and higher
Prerequisites
-
When you work in Multi-Domain Server in MDS (System) mode (see Multi-Domain Server Specifications), each Domain must have connectivity to the Internet. Make sure that the DNS and proxy are configured correctly. (The proxy is configured in SmartConsole on each domain explicitly, configuring in Gaia WebUI of the domain is not enough. The proxy configuration is located in the SmartConsole menu below Global Properties)
-
For the tool to recognize the gateways, it is necessary to install policy.
|
Best Practice - We recommend that the single Management Server and the Multi-Domain Server (when you work in Domain mode) have connectivity to the Internet. Internet connectivity lets the tool to automatically import the contracts of the licenses from the User Center. If you do not have Internet connectivity, then you must import the blade contracts manually. |