Configuring the Quantum Edge VNF in SmartConsole

To manage and install policies on your Quantum Edge for VMware SD-WAN Gateway, use the Check Point SmartConsole.

1. Go to Object Explorer > More Object Types > Network Objects > Gateways & Servers > New Gateway.

2. Select Wizard Mode.

3. On the General Properties tab, enter this information:

   Gateway Name:	The name of the VNF gateway
   Gateway platform:	CloudGuard Edge appliances only
   Gateway IP address:	Enter the VNF IP address

4. Click Next.

5. On the Trusted Communication tab, do this step:

   • In Authentication, select Initiate trusted communication securely by using a one-time-password and enter the Activation Key you configured in the VNF deployment.

   You can initiate trusted communication at this time. Alternatively, you can initiate trusted communication automatically when the Quantum Edge Gateway connects to the Security Management Server for the first time (Auto Join).

   1. To authenticate that the VNF deployed successfully:

      In Trusted communication, select Initiate trusted communication now, click Connect > Next.

   2. Authenticate that the VNF is uses Auto Join:

      In Trusted communication, select Initiate trusted communication automatically when the Gateway connects to the Security Management Server for the first time, click >Next.

6. In Blade Activation, select the blades to be activated, click Next.

7. In Blade Configuration, clear the NAT checkbox, and then click Next > Finish.

8. Click Install policy to push the configuration to the VNF.

To manage and install policies on your Quantum Edge for VMware SD-WAN Gateway, use the Check Point SmartConsole.

1. Go to Object Explorer > More Object Types > Network Objects > Gateways & Servers > New Gateway.

2. Select Classic Mode.

3. On the General Properties tab, enter this information:

   Gateway Name:	The name of the VNF gateway
   Gateway Platform:	CloudGuard Edge appliances only
   Gateway IP Address:	Enter the VNF IP Address

4. In the Secure Internal Communication field, click Communication, and then select:

   1. In Authentication, select Initiate trusted communication securely by using a one-time-password.

   2. Enter the Activation Key you configured in the First Time Configuration Wizard installation.

   3. Click OK.

5. In the Network Security field, select the Software Blades to be activated.

6. Click OK.

7. Click Install policy to push the configuration to the VNF.

To manage and install policies on your Quantum Edge for VMware SD-WAN Gateway, use the Check Point SmartConsole.

Important - Requires the Check Point Management Server R81 or higher.

1. Go to Object Explorer > More Object Types > Network Objects > Gateways & Servers > New > Cluster > Small Office Cluster.

2. Select Classic Mode.

3. On the General Properties tab, enter this information:

   Cluster Name:	The name of the cluster
   Cluster Platform:	CloudGuard Edge appliances only
   Cluster IP Address:	Enter a fictitious IP address (such as 0.0.0.0) to represent the cluster This IP address is not used

4. In the General Properties tab, clear the ClusterXL checkbox.

   The ClusterXL tab automatically changes to 3rd Party Configuration.

5. Add the Cluster Members.

   Go to Cluster Members > click Add > New Cluster Member.

   1. Enter the name and IPv4 address of the first member > click Communication.

   2. Enter the Activation Key > click Initialize.

      For each member, make sure that the Trust state is Trust established.

   3. Do the same steps again to add the second member of the cluster.

6. Go to Topology > Edit Topology.

7. Click Get > All members interfaces with Topology.

8. Configure the topology:

   • For the WAN interface, set the Network Objective as Private, and make sure the topology for the WAN interfaces is set to External.

   • For the LAN2 interface, set the Network Objective as 1st Sync, and make sure the topology for the LAN2 interfaces is set to Internal.

9. Click OK.

10. Click OK.

11. Publish the SmartConsole session.

12. Install the Access Control policy on the Cluster object.

To create a Quantum Edge cluster object and use Check Point's SmartConsole to manage and install policies.

1. Go to Object Explorer > More Object Types > Network Objects > Gateways & Servers > New > Cluster > Small Office Cluster.

2. Select Wizard Mode.

3. In the General Properties tab, enter this information:

   Cluster Name:	The name of the cluster
   Cluster Hardware:	Quantum Edge appliances only

4. Click Next.

5. Add the Cluster Members.

   Go to Cluster Members > click Add > New Cluster Member.

   1. For each Cluster Member, enter the name of the member and its IP address.

   2. Enter the Activation Key > click Next to initialize.

      For each member, make sure that the Trust state is Trust established.

6. For the WAN interfaces, enter a fictitious IP address (such as 0.0.0.0) to represent the cluster. This IP address is not used. Click Next.

7. To create the cluster, click Finish.

8. Double-click the cluster object.

9. In the General Properties, clear the ClusterXL checkbox.

   In the left tree, the ClusterXL pane automatically changes to 3rd Party Configuration.

10. Go to Topology > Edit Topology.

11. Click Get > All members interfaces with Topology.

12. Configure the topology:

    • For the WAN interface, set the Network Objective as Private, and make sure the topology for the WAN interfaces is set to External.

    • For the LAN2 interface, set the Network Objective as 1st Sync, and make sure the topology for the LAN2 interfaces is set to Internal.

13. Click OK.

14. Click OK.

15. Publish the SmartConsole session

16. Install the Access Control policy on the Cluster object.