Planning Security Management
Sizing the Security Management Server
This section provides information to help you size a Security Management Server and validate the sizing of an existing environment. A Security Management Server (synonym: Single-Domain Security Management Server) is a dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain.
The data required for accurate sizing of the Security Management Server (a Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server):
- Number of Security Gateways managed by the Security Management Server.
- Sustained logs per second.
- Large-scale deployments:
  - Number of Domains
  - Size of Rule Base (all rules configured in a given Security Policy; synonym: Rulebase)
  - Number of concurrent administrators
  - Security Management limitations
You can find guidelines on how to collect the data and identify the appropriate size for your Management Server in sk181782.
For Multi-Domain / Large-scale deployments, refer to sk178325.
We recommend:
- Use dedicated Management Servers.
- Use dedicated Log Servers.
- Configure Management High Availability. You can use standby Management Servers as Log Servers for your gateways.
- Use dedicated SmartEvent Servers.
- You can define the SmartEvent Server as the Primary Log Server for your gateways (does not apply to Multi-Domain Security Management configurations). A Log Server is a dedicated Check Point server that runs Check Point software to store and process logs.
After installing the Security Management Server and Security Gateway (a dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources), you can continue with cyber security configuration for your environment.
Define your Organization's Topology
Network topology consists of network components, both physical and logical, such as physical and virtual Security Gateways, hosts, hand-held devices, CA servers, third-party servers, services, resources, networks, address ranges, and groups. Each of these components corresponds to an object in your Check Point security management configuration. Configure those objects in SmartConsole (the Check Point GUI application used to manage a Check Point environment: configure Security Policies, configure devices, monitor products and events, install updates, and so on). See Network Object Types.
Define users and user groups that your security environment protects
You can add users and groups to the database manually, through LDAP and User Directory (a Check Point Software Blade on a Management Server that integrates LDAP and other external user management servers with Check Point products and security solutions), or with the help of Active Directory.
To add users: see .
To add groups: see .
To use LDAP and User Directory, see .
To use Active Directory, see .
Define Access Rules for Protection of your Organization's Resources
Configure access rules and group them in policies that are enforced on the Security Gateways. You can define access policies based on traffic, applications, Web sites, and data (see Managing Policies). Set up preventative actions against known threats with Check Point Anti-Virus (acronym: AV; a Check Point Software Blade on a Security Gateway that uses real-time virus signatures and anomaly-based protections from ThreatCloud to detect and block malware at the Security Gateway before users are affected) and Anti-Malware. Educate users about the validity and security of the operations they attempt with the help of UserCheck. Track network traffic and events through logging and monitoring.
Enforce Access Policies
Configure the Security Gateways. Make sure to activate the appropriate Software Blades. Then, install your policies on the Security Gateways.