The CloudGuard Controller integrates the Nuage cloud with Check Point security.
The Check Point Data Center Server connects to the Nuage cloud and retrieves object data.
The CloudGuard Controller updates IP addresses and other object properties in the Data Center Objects group.
| Step | Description |
|---|---|
| 1 | In SmartConsole, create a new Data Center object in one of these ways: |
| 2 | In the Enter Object Name field, enter the desired name. |
| 3 | In the Hostname field, enter the IP address or hostname of your Nuage VSD server. Note - The addresses can be HTTP or HTTPS, but not both. The Nuage version is set by default to 4.0 and the port to 8443. |
| 4 | In the Username field, enter your Nuage administrator username. |
| | In the Organization field, enter your organization name or enterprise. |
| 5 | In the Password field, enter your Nuage administrator password. |
| 6 | Click Test Connection. |
| 7 | Click OK. |
| 8 | Publish the session. |
Objects
| Object | Description |
|---|---|
| Enterprise | A logical separator for customers, BU, groups, traffic, administrators, visibility, and more. |
| Domain | A logical network that enables L2 and L3 communication among a set of Virtual Machines. |
| Security Zone | A set of network endpoints that must comply with the same security policies. |
| Policy Group | Collections of vPorts and/or IP addresses that are used as building blocks for security policies that include multiple endpoints. Add one or more vPorts to a policy group using this interface. A policy group can also represent one or more IP/MAC addresses that it learned from external systems from BGP route advertisements based on origin. |
| Subnet | Subnets are defined under a zone. A subnet is equivalent to an L2 broadcast domain, which enables its endpoints to communicate as if they were part of the same LAN. |
| Instance | Virtual Machine. |
| vPort | It is attached to a Virtual Machine or to a host and bridge interface. It provides connectivity to BMS and VLANs. It can be created or auto-discovered. |
| L2Domain | An L2 Domain is a distributed logical switch that enables L2 communication. An L2 Domain template can be started as often as required. This creates functioning L2 Domains. |
| Network Macro | Organization-wide defined macros that can be used as a destination of a policy rule. For example, you can create a network that represents your internal Internet access. You can then use it as a destination of a policy rule to drop any packet that arrives from a particular port. |
| Network Macro Group | A collection of existing Network Macros. These groups can be used in Security Policies to create rules that match multiple Network Macros. |
Imported Properties
| Imported Property | Description |
|---|---|
| Name | Resource name as shown in the Nuage console. The user can edit the name after importing the object. |
| Name in Data Center | Resource name as shown in the Nuage console. |
| Type in Data Center | Resource type. |
| IP | Associated IP address. |
| Note | |
| URI | Object path. |