Traffic Flows

Inbound Traffic

  1. The request traffic arrives from the Internet at the External Load Balancer in the Check Point deployed solution.

  2. The External Load Balancer forwards the request traffic to a VMSS Gateway instance.

  3. The VMSS Gateway instance:

    1. Inspects the request traffic.

    2. Performs Static NAT on the request traffic.

    3. Forwards the request traffic to the Application's Internal Load Balancer.

  4. The Application's Internal Load Balancer forwards the request traffic to the Web Server Host.

Inbound Traffic Reply

  1. The reply traffic arrives from the Web Server Host to the original VMSS Gateway instance.

  2. The VMSS Gateway instance:

    1. Inspects the reply traffic.

    2. Forwards the reply traffic to the destination on the Internet.

Outbound Traffic

  1. The request traffic arrives from the Web Server Host at the Internal Load Balancer in the Check Point deployed solution.

  2. The Internal Load Balancer forwards the request traffic to a VMSS Gateway instance.

  3. The VMSS Gateway instance:

    1. Inspects the request traffic.

    2. Performs Hide NAT on the request traffic.

    3. Forwards the request traffic to the Internet.

Outbound Traffic Reply

  1. The reply traffic arrives from the Internet at the original VMSS Gateway instance.

  2. The Check Point Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. instance:

    1. Inspects the reply traffic.

    2. Forwards the reply traffic to the Internal Web Server Host.

East-West Outbound Traffic

  1. The request traffic arrives from the Web Server Host 1 at the Internal Load Balancer in the Check Point deployed solution.

  2. The Internal Load Balancer forwards the request traffic to a VMSS Gateway instance.

  3. The VMSS Gateway instance:

    1. Inspects the request traffic.

    2. Forwards the request traffic to the corresponding Internal Load Balancer of the Web Server Host 2.

  4. The Internal Load Balancer of the Web Server Host 2 forwards the request traffic to the destination Web Server Host 2.

East-West Outbound Traffic Reply

  1. The reply traffic arrives from the Web Server Host 2 at the Internal Load Balancer in the Check Point deployed solution.

  2. The Internal Load Balancer forwards the reply traffic to the same VMSS Gateway instance that processed the request traffic from the Web Server Host 1 to the Web Server Host 2.

  3. The Check Point Security Gateway instance:

    1. Inspects the reply traffic.

    2. Forwards the reply traffic to the Web Server Host 1.

Intra-Subnet Traffic

Traffic travels freely in the subnet without inspection.