Silver Peak Integration with Orchestrator Version 8.8.3 and Higher

Note - This procedure create a new site automatically in Harmony Connect. You cannot change the location of the site.

  1. Log in to the Infinity Portal.

  2. Navigate to Global Settings > API Keys.

  3. Click New.

  4. From the Service list, select Harmony Connect.

  5. From the Roles list, select Admin.

  6. Click Create.

  7. Copy and save the Client ID and the API Access Key.

  1. In the Silver Peak Orchestrator, click Configuration > Cloud Services > Check Point CloudGuard Connect.

  2. Click Subscription.

    The Subscription window appears.

  3. Paste the Client ID and the API Access Key generated in the Infinity Portal.

  4. Click Save.

  1. In the Silver Peak Peak Orchestrator, click Check Point CloudGuard Connect > Interface Labels.

    Silver Peak uses labels to create a consistent global policy across various edge devices. Any edge device with your selected labels receives the Check Point security automatically after the integration.

  2. Select the order for the interface labels.

  3. Click Save.

  1. On the left pane, right-click the applicable device and select Deployment.

  2. In the Deployment window, select a Check Point interface label.

Configuring a Business Intent Overlay Policy (BIO)

  1. In the Silver Peak Orchestrator, click Configuration > Overlays > Business Intent Overlays.

  2. Double-click the Check Point security policy rule that you want to apply to the traffic.

    The Overlay Configuration window appears.

  3. Click Breakout Traffic to Internet & Cloud Services.

  4. From the Available Policies list, drag-and-drop the Check Point CloudGuard policy to Preferred Policy Order. This policy is available only if you have the Check Point subscription.

  5. Click OK.

  6. (Optional) Apply the Check Point protection to each applicable device. Only the labeled edge devices traffic can pass through the Check Point.

  7. Click Save and Apply Changes to Overlays.

  1. Log in to the Infinity Portal.

  2. Navigate to Harmony Connect and click Assets > Branches & Data Centers.

Harmony Connect creates the site and establishes a VPN tunnel automatically.

When the site is created, the site status is Waiting for traffic and when you generate traffic between the Silver Peak SD-WAN device and Harmony Connect through the VPN tunnel, the status changes to Active.

You can monitor various attacks prevented by the Harmony Connect cyber-security features. For more information, see Internet and Network Access Logs.