Deploying Servers on the Internal Network

After you install a Policy on the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. from the Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server., launch server instances on the "internal" network. Traffic to and from the servers is protected by the Security Gateway.

The servers must be from a vendor or configuration that is supported by the OpenStackClosed An open source cloud-computing infrastructure for service providers and enterprises. It includes modules for administration, storage, networking and Virtual Machine deployment and control. deployment.

Launch instances using the command line, using a OpenStack Heat template, or using the OpenStack Horizon Web UI.

Note - The Havana release of OpenStack does not allow associating a public floating IP to a server that is not directly connected to the router. Therefore, you cannot give a public IP address to servers in the "internal" network. However, you can allocate additional public floating IP addresses to the external interface of the Check Point Security Gateway, and then use Static NAT rules to redirect traffic for these addresses to servers in the "internal" network.