Configuring a Check Point SMB

After you create the site at Check Point Harmony Connect, on this site you must configure your branch office to route traffic through Harmony Connect.

Check Point creates the back-end architecture for tunneling the traffic from the branch device to the Internet.

Notes:

  • To enhance the service reliability, we recommend you to create and use two tunnels.

  • If you use IPsec tunnels, Check Point provides the tunnel addresses as FQDN domains. If your branch device supports configuration of the tunnels as IP addresses, and not as FQDN domains, Check Point strongly recommends to send a notification to Check Point Support about your configuration. For more information about how to open a support ticket for Harmony Connect, see sk154712.

To configure your branch device:

  1. On the site thumbnail, click the Configure branch device button.

    The Instructions window opens.

  2. From the top field, select your SD-WAN branch office device.

  3. Follow the instructions on the screen to get the IPsec configuration properties, pre-shared key, tunnel addresses, and the traffic routes.

  4. Click Close.

Configuring Web Management Service for Check Point SMB

To configure IPsec tunnels from the Check Point SMB, perform these steps:

  1. Log into your Check Point SMB portal.

  2. Create and configure two Check Point IPsec Tunnels and route the traffic through the tunnels. See Configuring your Device for SMB.

  3. Test your configuration. See Testing your configuration.

    Note - If you use the cloud SMP (Security Management Portal), you can create an SMBPlan that consists of all the branch devices connected with Check Point Harmony Connect to unify the device traffic logs. Other configurations are only available when you connect directly to each device.

Now you can monitor the Cybersecurity Events at the Check Point Infinity Portal. See Monitoring Cybersecurity Events.