General Information

About this Guide

This guide explains how to configure IPsec tunnels and service chain traffic from a device by VMWare SD-WAN (VeloCloud) SD-WAN device to Check Point CloudGuard Connect.

These instructions refer to VeloCloud Orchestrator of version 3.2.2 and later.

About VeloCloud SD-WAN

SD-WAN by VeloCloud provides automatic deployment and improved performance over private, broadband Internet and LTE links for enterprises and service providers.

SD-WAN by VeloCloud is based on SDN and flexible. It addresses end-to-end automation, application continuity, branch transformation, and security from the data center to cloud to the edge.

VeloCloud Architecture Overview:

Components and Moving Parts

Element

Description

VeloCloud edge

An appliance installed in customer's environment.

VeloCloudGateway

A Gateway unit located in one of the VeloCloud data centers. It is used as a gateway between the edge device and the internet / WAN.

VeloCloud's Orchestrator

A Management Server that manages all aspects of configuration, monitoring, and all other aspects of the edge devices.

Check Point Infinity Portal

https://portal.checkpoint.com

This guide covers the use case when your branch offices are protected with Check Point through this topology:

LAN > VeloCloud Edge > VeloCloud Gateway > CloudGuard Connect > Internet.

About Check Point CloudGuard Connect

Check PointCloudGuard Connect is a cloud security platform that provides Check Point latest threat prevention and access control for branch offices. Companies can connect their present routing equipment or SD-WAN device to CloudGuard Connect without other dedicated hardware by Check Point. CloudGuard Connect is a full software-as-a-service solution that needs no customer maintenance.

Check Point security product line includes: preventing known attacks using reputation services, signatures and bot communication prevention, preventing unknown attacks using cloud-based sandboxing, an Access Control Policy including Content Awareness, HTTPS Inspection and Application Control, and a web-based management for security events and log monitoring, policy, and site configuration.

For more information see CloudGuard Connect Administration Guide.