Getting Started with SmartProvisioning

In SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., configure the SmartProvisioning Check Point Software Blade on a Management Server (the actual name is "Provisioning") that manages large-scale deployments of Check Point Security Gateways using configuration profiles. Synonyms: Large-Scale Management, SmartLSM, LSM. permission in the applicable Permission Profiles, so the applicable administrators could work with SmartProvisioning.

See Configuring Administrators in SmartProvisioning.
Enable SmartProvisioning on the Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server..

See Activating SmartProvisioning on the Security Management Server.
Enable SmartProvisioning on all Security Gateways, which you wish to manage with SmartProvisioning.

See Activating SmartProvisioning on a Security Gateway.
Connect with SmartConsole to you Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server..
In SmartConsole, create the required SmartLSM Security Profiles for your Security Gateways.

See Creating SmartLSM Security Profiles.

This way you can enable or disable a Software Blade Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. on all Security Gateways that use this profile with one change and one policy installation.
In the SmartConsole top left corner, click Menu > click SmartProvisioning.
If you wish to manage configuration of Security Gateways with a profile, in SmartProvisioning, create the required SmartLSM Provisioning Profiles for your Security Gateways.

This way you can configure some operating system settings on all Security Gateways that use this profile with one change and one policy push.
- For regular Security Gateways, you can configure DNS, Hosts, and Domain Name.
  
  See Configuring Provisioning Profiles for Security Gateways.
- For Quantum Spark Appliances, you can configure DNS, Hosts, Domain Name, Firmware, RADIUS, Hotspot, and a Configuration Script.
  
  See the Configuring Provisioning Profiles for Small Office Appliances Gateways.
Create the required device objects for your Security Gateways.
- For regular Security Gateways, seeCreating Check Point Security Gateways in SmartProvisioning.
- For Quantum Spark Appliances, see Creating a Small Office Appliance Gateway in SmartProvisioning.
  
  Optional: Use the SmartProvisioning Wizard.
Note - You can always assign or remove a SmartLSM Provisioning Check Point Software Blade on a Management Server that manages large-scale deployments of Check Point Security Gateways using configuration profiles. Synonyms: SmartProvisioning, SmartLSM, Large-Scale Management, LSM. Profile in the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. object properties.
Open each Security Gateway object and make sure the settings are correct for your environment.

See:
Optional: If your Security Gateway must participate in a Site to Site VPN, see VPNs and SmartLSM Security Gateways.
In SmartProvisioning, push the settings to the applicable profiles and devices:
- From the left panel, click Profiles > select a profile > from the top Actions menu, select Push Settings and Actions.
- From the left panel, click Devices > right-click a device object > click Actions > click Push Settings and Actions > right-click a device object > click Actions > click Push Policy.