Supported Environments
Management Servers boot by default with 64-bit Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. kernel after a clean installation or upgrade to R81.
|
Notes:
|
Management Server and Log Server
These platforms support R81 in the Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. and Log Server Dedicated Check Point server that runs Check Point software to store and process logs. configurations:
(*) Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
Management High Availability:
You can configure Check Point Management High Availability Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA. between on-premises Management Servers and Management Servers in a cloud.
You must make sure the required Check Point traffic can flow between the on-premises servers and the servers in the cloud.
For Management High Availability A redundant cluster mode, where only one Cluster Member (Active member) processes all the traffic, while other Cluster Members (Standby members) are ready to be promoted to Active state if the current Active member fails. In the High Availability mode, the Cluster Virtual IP address (that represents the cluster on that network) is associated: (1) With physical MAC Address of Active member (2) With virtual MAC Address. Synonym: Active/Standby. Acronym: HA. restrictions, see sk39345.
Security Gateway or Cluster
These platforms support R81 in the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. or Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. configuration:
Standalone and Full High Availability
Only these platforms support R81 in the Standalone Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. (Gateway + Management Server) configuration or Full High Availability A special Cluster Mode supported only on Check Point appliances running Gaia OS (R75.40 and higher) or SecurePlatform OS (R77.30 and lower), where each Cluster Member also runs as a Security Management Server. This provides redundancy both between Security Gateways (only High Availability is supported) and between Security Management Servers (only High Availability is supported - see sk39345). Synonyms: Full HA Cluster Mode, Full HA, FullHA. Cluster configuration:
-
These appliance models support Standalone only with the HDD storage.
These appliance models do not support Standalone with the SSD storage.
To see the disk type-
Connect to the command line.
-
Log in to the Expert mode.
-
Get the list of disk device names:
fdisk -l | grep '/dev/'
In the output, refer to the name of the disk device (
sda
,sdb
, and so on). -
Run this command for your disk device (
sda
,sdb
, and so on):cat /sys/block/<DISK_DEVICE_NAME>/queue/rotational
Example:
cat /sys/block/sda/queue/rotational
-
The returned value:
-
1 - means this disk is HDD
-
0 - means this disk is SSD
-
-
-
Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
-
It is not supported to enable the SmartEvent Software Blade Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. on any cluster member Security Gateway that is part of a cluster. in Full High Availability Cluster configuration.
Quantum Maestro
For the list of supported Security Appliances in a Maestro Security Group A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected., see sk162373.
User Space Firewall (USFW)
Security Gateways on these platforms run in the User Space Firewall mode by default:
Platform |
SK |
USFW |
---|---|---|
28000, 28600HS |
|
|
26000, 26000T |
|
|
23900 From R80.40, the model 23500 does not support USFW |
|
|
16000, 16000T, 16200, 16600HS |
|
|
7000 |
|
|
6200B, 6200P, 6200T, 6400, 6600, 6700, 6900 |
|
|
3600, 3600T, 3800 |
|
|
Open Servers (1) |
N / A |
|
Virtual Machines (2) |
N / A |
|
-
Open Server Physical computer manufactured and distributed by a company, other than Check Point. must have 40 or more CPU cores.
-
Virtual Machine must have 40 or more virtual CPU cores.
Applies to Public Cloud and to Private Cloud.
See the Hardware Compatibility List > Section Virtual Machines.
|
Notes:
|
Virtualization Platforms
For the most up-to-date information about the supported Linux versions and virtualization platforms, see the Hardware Compatibility List > Section Virtual Machines.
Cloud Platforms
Supported setups for cloud solutions:
-
Amazon Web Services:
-
Security Gateway
-
High Availability Cluster
-
Security Gateway Auto Scaling Group
-
Transit Gateway with ASG
-
Standalone
-
-
Microsoft Azure:
-
Security Gateway
-
High Availability Cluster
-
Virtual Machine Scale Sets
-
Security Management Server
-
Standalone
-
-
Google Cloud Platform (GCP):
-
Security Gateway
-
High Availability Cluster
-
Managed Instance Group (MIG)
-
Security Management Server
-
Standalone
-