Supported Environments

Management Server

These platforms support R81 in the Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. and Log Server Dedicated Check Point server that runs Check Point software to store and process logs. configurations:

^(*) Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.

^(*) Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.

Management High Availability:

You can configure Check Point Management High Availability Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA. between on-premises Management Servers and Management Servers in a cloud.

You must make sure the required Check Point traffic can flow between the on-premises servers and the servers in the cloud.

Security Gateway or Cluster

These platforms support R81 in the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. or Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. configuration:

Standalone (Gateway + Management Server)

Only these platforms support R81 in the Standalone Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. configuration:

1. These appliance models support Standalone only with the HDD storage.

   These appliance models do not support Standalone with the SSD storage.

   To see the disk type

   1. Connect to the command line.

   2. Log in to the Expert mode.

   3. Get the list of disk device names:

      fdisk -l | grep '/dev/'

      In the output, refer to the name of the disk device (sda, sdb, and so on).

   4. Run this command for your disk device (sda, sdb, and so on):

      cat /sys/block/<DISK_DEVICE_NAME>/queue/rotational

      Example:

      cat /sys/block/sda/queue/rotational

   5. The returned value:

      • 1 - means this disk is HDD

      • 0 - means this disk is SSD

2. Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.

Threat Emulation Appliances

Quantum Maestro

For the list of supported Security Appliances in a Maestro Security Group A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected., see sk162373.

User Space Firewall (USFW)

Security Gateways on these platforms run in the User Space Firewall mode by default:

1. Open Server Physical computer manufactured and distributed by a company, other than Check Point. must have 40 or more CPU cores.

2. Virtual Machine must have 40 or more virtual CPU cores.

   Applies to Public Cloud and to Private Cloud.

   See the Hardware Compatibility List > Section Virtual Machines.

Virtualization Platforms

For the most up-to-date information about the supported Linux versions and virtualization platforms, see the Hardware Compatibility List > Section Virtual Machines.

Cloud Platforms

Supported setups for cloud solutions:

• Amazon Web Services:

  • Security Gateway

  • High Availability A redundant cluster mode, where only one Cluster Member (Active member) processes all the traffic, while other Cluster Members (Standby members) are ready to be promoted to Active state if the current Active member fails. In the High Availability mode, the Cluster Virtual IP address (that represents the cluster on that network) is associated: (1) With physical MAC Address of Active member (2) With virtual MAC Address. Synonym: Active/Standby. Acronym: HA. Cluster

  • Security Gateway Auto Scaling Group

  • Transit Gateway with ASG

  • Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server.

  • Standalone

• Microsoft Azure:

  • Security Gateway

  • High Availability Cluster

  • Virtual Machine Scale Sets

  • Security Management Server

  • Multi-Domain Server Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS.

  • Standalone

• Google Cloud Platform (GCP):

  • Security Gateway

  • High Availability Cluster

  • Managed Instance Group (MIG)

  • Security Management Server

  • Standalone