CloudGuard Network Security for Oracle Cloud

This document explains how to deploy a Check Point CloudGuard Network Security Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. in the Oracle Cloud Oracle Cloud is a cloud computing service offered by Oracle Corporation. It provides servers, storage, networks, applications, and services through a global network of Oracle Corporation-managed data centers. Infrastructure environment. All names and trademarks of oracle.com and technologies belong to Oracle. Go to Oracle for more information about its trademarks.

Overview

Oracle Cloud Infrastructure (OCI) provides the scalability of public cloud along with granular control, security, and predictability of cloud computing. It offers agile, high-performance, highly available and cost-effective infrastructure services.

Check Point's CloudGuard Network Security solution for OCI extends advanced threat prevention capabilities to protect customer OCI environments from the most sophisticated Gen-V cyber-threats with intelligent provisioning and consistent control across the network.

As an Oracle-certified solution, CloudGuard Network Security enables seamless security for workloads, data and assets while providing secure connectivity between cloud and on-premises environments.

The CloudGuard Network Security solution lets you:

• Establish and maintain VPN tunnels

• Inspect data entering and leaving private subnets

• Segregate networks in the Virtual Cloud Network (VCN)

• Protect VCN resources with Check Point Software Blades

• Centrally manage the solution from your existing Check Point Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. deployment

Note - For the list of supported versions, refer to the Support Life Cycle Policy.

Licensing

The following licensing options are available:

• License CloudGuard Network Security Gateways: Bring-Your-Own-License (BYOL).

• License a Security Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server.: Buy an Open Server Physical computer manufactured and distributed by a company, other than Check Point. license.

• Pay-As-You-Go licensing via the Oracle Cloud Marketplace for Security Gateways and Security Management Servers.

Prerequisites

To manage the Oracle Cloud Infrastructure, you must be a member of the Administrators group.

To set up a Virtual Cloud Network for your cloud resources in the Oracle Cloud, you must have basic knowledge of:

• Check PointSecurity Gateways and Management Servers

• Oracle Cloud Infrastructure

You should be familiar with general Oracle concepts, features, and terms, including:

• Virtual Cloud Networks (VCN)

• Virtual Machines (VM)

• Primary/Secondary vNIC

• Public IP addresses

• Private Primary/Secondary IP addresses

• Route Tables

• Dynamic Group

• Policy

• OCI Identity and Access Management

For information about configuring the components of your Oracle cloud network, go to the Oracle Cloud portal.

Terms and Definitions

In this guide, these terms are used:

Term	Definition
Virtual Cloud Network (VCN)	A virtual version of a traditional network.
Compartment	A collection of related resources (for example, instances, VCNs, or block volumes). To access a compartment, you must be a member of the group with sufficient permissions granted by the administrator in your organization.
Instance	A physical or virtual machine compute host.
Key pair	A set of security credentials used to verify your identity.It consists of a private key and a public key.