Configuring Mirror and Decrypt in Gateway mode

Example topology:

Item

Description

1

Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources., through which your networks send and receive their traffic.

2

Recorder, or Packet-Broker that works in a monitor (promiscuous) mode.

3

Flow of the decrypted and mirrored traffic from the Security Gateway (1) to the Recorder, or Packet-Broker (2).

eth4

Designated physical interface on the Security Gateway (1).

Workflow for configuring Mirror and Decrypt in Gateway mode:

Step

Instructions

1

Read and follow the Mirror and Decrypt Requirements.

2

Prepare the Security Gateway / each Cluster MemberClosed Security Gateway that is part of a cluster. / Scalable Platform Security GroupClosed A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected..

See Preparing the Security Gateway, each Cluster Member, Security Group.

3

Configure the Mirror and Decrypt in the Security Gateway / ClusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. / Scalable Platform Security Group object in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on..

See Configuring Mirror and Decrypt in SmartConsole for Gateway Mode.