Creating a New Site

Every site on the Sites page represents the device in your branch office that connects you to the Internet.

You can add, manage and delete the Sites in your organization and view all your site locations.

Example:

To connect a branch office and manage its security, you must create a site that represents this branch office SD-WAN office device, and then route its traffic to the network through Harmony Connect.

To add a new site:

  1. Click the + Add button in the upper row.

    The Create New Site window opens.

  2. Enter this information on the pane General:

    • Name - A name for the Site.

    • Site Address - Physical location of the branch office.

      This field is an option to show your site on the world map.

    • Location of the Cloud Service - Location of the service for this connection. Select from the list of options.

      Best Practice - Harmony Connect inspects traffic from your branch office to the Internet with a cloud service that resides in one of these locations. To achieve the best performance, you typically select the location of the cloud service that is closest to the location of your site. For some countries, most notably South America or the Middle East, the best choice for Location of the cloud service might be presence of a strong cross-country Internet link.

    • Number of users (Estimation) - The expected number of users.

    • Comments - Optional description of the site.

    Example:

  3. Click Next.

  4. Enter this information on the pane Connection Details:

    • Device Type - Select Generic Router / SD-WAN

      Check Point uses the Device Type value to optimize connectivity to this specific device type.

    • Tunnel Type - Two options are available:

      • IPsec (more secure)

      • GRE

      Note - Cradlepoint only supports tunnel type of IPsec.

    • External IPs - One or more of the IP address of your branch office site.

      Notes:

      • For the purpose of this guide we selected Static IP Address for the Site.

      • If you have more than one external network interface, use the Add another external IP address. To secure all the traffic, Check Point recommends to add all your external IP addresses.

      Example:

  5. Click Next.

  6. On the Authentication page, you can see the Shared Secret.

    Example:

  7. Click Next.

    The Internal Subnets pane opens.

  8. On the Internal Subnets pane, enter the IP address of your internal networks in the branch office site.

    Check Point Harmony Connect applies its cybersecurity features on any traffic coming from these network addresses.

  9. Click Next.

    Confirm Site Creation pane opens.

  10. Go to Confirm Site Creation > Finish and Create Site and wait.

    It might take Check Point several minutes to create the site.

    The new site appears in the list of the sites, with the status Generating Site.

    The status changes to Waiting for Traffic when the site is ready.