CloudGuard Controller for OpenStack

The CloudGuard ControllerClosed Provisions SDDC services as Virtual Data Centers that provide virtualized computer networking, storage, and security. integrates the Check Point Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. with OpenStackClosed An open source cloud-computing infrastructure for service providers and enterprises. It includes modules for administration, storage, networking and Virtual Machine deployment and control. Keystone. Authentication is done via OpenStack Keystone and network objects are updated from OpenStack Neutron.

Prerequisites

Version "Ussuri" or lower.

Connecting to an OpenStack Server with SmartConsole

Step

Instructions

1

In SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., create a new Data CenterClosed Virtual centralized repository, or a group of physical networked hosts, Virtual Machines, and datastores. They are collected in a group for secured remote storage, management, and distribution of data. object in one of these ways:

  • In the top left corner, click Objects menu > More object types > Server > Data Center > New OpenStack.

  • In the top right corner, click Objects Pane > New > More > Server > Data Center > OpenStack.

2

In the Enter Object Name field, enter the applicable name.

3

In the Hostname field, enter the URL of your OpenStack server in this format (HTTP or HTTPS):

http://1.2.3.4:5000/<keystone_version>

https://1.2.3.4:5000/<keystone_version>

Example:

https://1.2.3.4:5000/v3

Note - If you do not know your keystone URL, run this command on the OpenStack server to find it:

openstack endpoint show keystone | grep publicurl

4

In the Username field, enter your username for the OpenStack server.

5

In the Password field, enter your password for the OpenStack server.

6

Click Test Connection.

If the certificate window opens, confirm the certificate and click Trust.

7

When the connection status changes to Connected, Click OK.

If the status is not Connected, troubleshoot the issue before you continue.

8

Click OK.

9

Publish the SmartConsole session.

10

Install the Access Control policy on the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. object.

Connecting to an OpenStack Data Center Server with Management API

Go to Management API Reference > Click on see arguments per Data Center Server type and select OpenStack.

Connecting to an OpenStack Data Center Server with Terraform

See checkpoint_management_openstack_data_center_server.

Important - If it is necessary to log into an OpenStackDomain that is not your default Domain, use this format:

<OpenStack_domain_name>/<user_name>

OpenStack Objects and Properties

OpenStack Imported Objects

Object

Description

Instances

Virtual Machines inside the cloud.

Security Groups

Sets of IP address filter rules for networking access.

They are applied to all instances within a project.

Subnet

A block of IP addresses and associated configuration states.

Subnets are used to allocate IP addresses when new ports are created on a network.

OpenStack Imported Properties

Property

Description

IP

  • VM - Virtual Machine's IP address

  • Security Group - IP addresses of the Virtual Machines inside the group

  • Subnets - IP addresses of the Virtual Machines inside the subnet

Note

  • Instances - Empty

  • Security Group - Description of the group

  • Subnet - IP address and mask of the subnet

URI

Object path