Setting the Management Mode

The Home > Security Management page shows information for the management mode of the appliance. You can also test Internet Connectivity from this page.

To set the management type:

Select one of the options:

When centrally managed, it shows the trust status between the appliance and the Security Management ServerClosed A Check Point Security Management Server or a Multi-Domain Security Management Server.. When a policy is prepared in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. you can fetch the policy from this window.

Security Management Server

In this section you can view the status of the management connection, last policy installation, adjust trust settings, and initialize a connection.

  1. In the Security Management Server section, click Settings to adjust trust settings or Setup to initialize a connection.

    The Welcome to the Security Management Server Configuration Wizard opens.

    Click Next.

  2. In the One Time Password (SIC) page, select an option for authenticating trusted communication:

    • Initiate trusted communication securely by using a one-time password - The one-time password is used to authenticate communication between the appliance and the Security Management Server in a secure manner.

      Enter a one-time password and confirm it. This password is only used to establish the initial trust. When established, trust is based on security certificates.

      Important - This password must be identical to the Secure Communication authentication one-time password configured for the appliance object in the SmartConsole of the Security Management Server.

    • Initiate trusted communication without authentication (not secure) - Select this option only if you are sure that there is no risk of imposture (for example, when in a lab setting).

    Click Next.

  3. In the Security Management Server Connection page, select a connection method:

    • To connect to the Security Management Server now, select Connect to the Security Management Server now, enter the Security Management Server IP or name and click Connect. When you successfully connect to the Security Management Server, the security policy is automatically fetched and installed.

      If the Security Management Server is deployed behind a 3rd party NAT device, select Always use this IP address and manually enter the IP address the appliance used to reach the Security Management Server. This IP address overrides, from this point on, the automatic calculating mechanism that determines the routeable IP address of the Security Management Server for each appliance.

      If trust was established but the gateway could not fetch the policy, you can investigate the issue with the Security Management Server administrator. When the issue is resolved, click the Fetch Policy button that shows instead of the Connect button.

    • To connect to the Security Management Server later, select Connect to the Security Management Server later.

  4. Click Finish.

To reinitialize trusted communication with the Security Management Server:

  1. In the Security Management Server section, click Advanced to reinitialize trusted communication.

  2. Click Reinitialize Trusted Communication.

    A warning message appears.

  3. Click Yes.

    Note - You need to coordinate this operation with the Security Management Server administrator, as reinitialization is necessary on both sides.

Security Policy

To obtain the security policy from the Security Management Server, click Fetch Policy. This option is available only if trust is established with the Security Management Server.

Internet

To test connectivity, click Test Connection Status. A status message shows the results of the test. You can click Settings to configure Internet connections.