Note - This procedure applies to both Check Point Appliances and Open Servers.
Workflow:
Step 1 of 3: Install the Security Gateway
Step |
Description |
---|---|
1 |
Install the Gaia Operating System: |
2 |
|
3 |
During the First Time Configuration Wizard, you must configure these settings:
|
Step 2 of 3: Configure the Security Gateway object in SmartConsole - Wizard Mode
Step |
Description |
---|---|
1 |
Connect with SmartConsole to the Security Management Server or Domain Management Server that should manage this Security Gateway. |
2 |
From the left navigation panel, click Gateways & Servers. |
3 |
Create a new Security Gateway object in one of these ways:
|
4 |
In the Check Point Security Gateway Creation window, click Wizard Mode. |
5 |
On the General Properties page:
|
6 |
On the Trusted Communication page:
|
7 |
On the End page:
Check Point Gateway properties window opens on the General Properties page. |
8 |
If during the Wizard Mode, you selected Skip and initiate trusted communication later:
|
9 |
On the Network Security tab, enable the desired Software Blades. Important - Do not select anything on the Management tab. |
10 |
Click OK. |
11 |
Publish the SmartConsole session. |
Step 2 of 3: Configure the Security Gateway object in SmartConsole - Classic Mode
Step |
Description |
---|---|
1 |
Connect with SmartConsole to the Security Management Server or Domain Management Server that should manage this Security Gateway. |
2 |
From the left navigation panel, click Gateways & Servers. |
3 |
Create a new Security Gateway object in one of these ways:
|
4 |
In the Check Point Security Gateway Creation window, click Classic Mode. Check Point Gateway properties window opens on the General Properties page. |
5 |
In the Name field, enter the desired name for this Security Gateway object. |
6 |
In the IPv4 address and IPv6 address fields, configure the same IPv4 and IPv6 addresses that you configured on the Management Connection page of the Security Gateway's First Time Configuration Wizard. Make sure the Security Management Server or Multi-Domain Server can connect to these IP addresses. If this Security Gateway receives its IP addresses from a DHCP server, select Dynamic Address. |
7 |
Establish the Secure Internal Communication (SIC) between the Management Server and this Security Gateway:
|
|
If the Certificate state field does not show
|
8 |
In the Platform section, select the correct options:
|
9 |
On the Network Security tab, enable the desired Software Blades. Important - Do not select anything on the Management tab. |
10 |
Click OK. |
11 |
Publish the SmartConsole session. |
Step 3 of 3: Configure the applicable Access Control policy for the Security Gateway in SmartConsole
Step |
Description |
---|---|
1 |
Connect with SmartConsole to the Security Management Server or Domain Management Server that manages this Security Gateway. |
2 |
From the left navigation panel, click Security Policies. |
3 |
Create a new policy and configure the applicable layers:
|
4 |
Create the applicable Access Control rules. |
5 |
Install the Access Control Policy on the Security Gateway object. |
For more information, see the: