Using VSX with Multi-Domain Server

You can manage a VSXClosed Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. deployment using Multi-Domain ServerClosed Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS..

Only procedures specific to VSX deployments are discussed.

This chapter assumes that you are familiar with the Multi-Domain Server product.

For more about Multi-Domain Server, see the R81.10 Multi-Domain Security Management Administration Guide.

Check Point Multi-Domain Server is a centralized security management solution that addresses the unique requirements of service providers and large enterprises. By using Multi-Domain Server, administrators can centrally manage multiple independent networks, often belonging to different Domains, divisions, or branches.

Item

Description

1

SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on.

2

Multi-Domain Server

3

Domain Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server.

4

Main Domain Management Server

5

VSX GatewayClosed Physical server that hosts VSX virtual networks, including all Virtual Devices that provide the functionality of physical network devices. It holds at least one Virtual System, which is called VS0.

6

Virtual Systems in Domain Management Servers

The Multi-Domain Server is a central Management Server that hosts the network management and security policyClosed Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection. databases for these networks. Each independent domain is represented by a Domain, which provides the full functionality of a Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources.. Each Domain Management Server can host Virtual Systems, Virtual Routers and Virtual Switches as well as physical Check Point Security Gateways.

The Domain Management Server that manages a VSX Gateway or clusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. is known as a Main Domain Management Server. You can host multiple Gateways and/or clusters on one Multi-Domain Server. Virtual Systems belonging to a given Domain can be distributed among multiple VSX Gateways and clusters.

When connected to a Multi-Domain Server, SmartConsole offers a centralized management solution for Domains, Domain Management Servers and the Multi-Domain Server environment. Each Domain Management Server uses its own instance of SmartConsole, which is accessible only via the Multi-Domain Server, to provision its Virtual Devices and physical Gateways, as well as to manage their Security Policies.