Monitoring Management Interfaces Link State
By default, Security Group
A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. monitors the link state only on data ports (eth<X>-<YZ>).
The Management Monitor feature uses SNMP to monitor management ports on the Quantum Maestro Orchestrators.
The link state is sent to all Security Group Members.
The Management Monitor feature is disabled by default.
To enable this feature, run the "set chassis high-availability mgmt-monitoring on" command in Gaia gClish The name of the global command line shell in Check Point Gaia operating system for Security Appliances connected to Check Point Quantum Maestro Orchestrators. Commands you run in this shell apply to all Security Appliances in the Security Group. of the Security Group.
When the Management Monitor feature is enabled:
-
The monitored management ports are included in the Security Group grade mechanism, according to the predefined factors (default is 11).
-
The output of the "
asg stat -v" command shows the Management ports.See the "
Chassis Parameters > Ports > Mgmt" line in the output example below. -
The "
show interfaces" command in Gaia gClish shows the link state of management interfaces based on this feature mechanism.