VSX Provisioning

The procedures for provisioning and configuring VSXClosed Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. Gateways, clusters and Virtual Devices using the Multi-Domain ServerClosed Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS. model are essentially the same as described for the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. management model.

The most important difference is that you must first create and configure each Domain and its associated Domain Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. objects using the SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. connected to a Multi-Domain Server.

Each Domain Management Server is the functional equivalent of one VSX GatewayClosed Physical server that hosts VSX virtual networks, including all Virtual Devices that provide the functionality of physical network devices. It holds at least one Virtual System, which is called VS0..

You connect to each Domain Management Server with SmartConsole to work with network objects, security policiesClosed Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection. and other objects for that VSX Gateway.

This is the basic workflow for provisioning a VSX environment in a Multi-Domain Server deployment:

  1. Define and configure Multi-Domain Server and Multi-Domain Log ServerClosed Dedicated Check Point server that runs Check Point software to store and process logs. as applicable for your deployment.

  2. Create and configure a Domain and Domain Management Server for each VSX Gateway and/or VSX ClusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing..

  3. With SmartConsole, connect to the Domain Management Server to create and configure the VSX Gateway and/or VSX Cluster objects.

    See Working with VSX Gateways and Working with VSX Clusters.

    Configure the default security policy for these objects as necessary.

  4. Define individual Domains and Domain Management Servers as required for your deployment.

  5. Create and configure Virtual Systems and other Virtual Devices for each Domain in the SmartConsole connected to that Domain.

    See Working with Virtual Systems, Working with Virtual Switches, and Working with Virtual Routers.