|
|
|
vSEC for ACI is the Check Point Advanced Security solution for Cisco ACI fabric. The Check Point vSEC solution enforces Advanced Threat Prevention inside the ACI fabric and allows complete integration between Cisco APICs and Check Point’s Security Management Server. It proactively stops malware and zero-day attacks inside the data center environment and outside of the fabric. The unified management of virtual and physical gateways simplifies security management across the entire network.
vSEC has two main components:
Note - Before you start the installation, verify that all software and hardware components are compatible based on the R80 vSEC for Cisco ACI Release Notes.
Check Point vSEC for ACI requires a license attached to the Security Management Server (or MDS). The license is based on the total number Cisco ACI leaf switches managed by the APICs that is integrated with the Check Point Security Management Server of MDS. The vSEC for ACI license covers the functionality of ACI integration. No additional license is required on the security gateways to support this functionality. The license does not cover other management and/or gateway capabilities and those are required in addition to the ACI license. The license is perpetual and accumulative. It is possible to add additional leaf licenses based on need. The license covers management HA for SMS and MDS.
