This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
thomascripps
Explorer
a month ago
Jump to solution

New option on cloud deployments for "Use Geo Mode in a Cloud" when on R81.20

I have noticed on the cloud deployment guides for a HA deployment that it's now recommended to Use Geo Mode in a Cloud when on R81.20. Does anyone know what this option does at all?

0 Kudos
2 Solutions

Accepted Solutions
Roman_Kats
Employee
Employee
4 weeks ago
Jump to solution

Hi @thomascripps 
This option aimed for cluster members that are located in different networks (subnets). Enabling Geo Mode allows configuring cluster network topology for members in different networks.
Particular use case is CloudGuard for AWS Cross Availability Zone Cluster. Each cluster member located in different availability zone hence in different subnets. 
https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CloudGuard_for_AWS_Cross_AZ_Cluster/C... 

View solution in original post

0 Kudos
almogar
Employee
Employee
4 weeks ago
Jump to solution

Hi there,
Check Point clusters typically need sync interfaces on the same subnet - 0 hops between them. But in Cloud Clusters, spreading members across availability zones increases availability as availability zones are designed to self-contain availability issues.
Geo Mode allow CloudGuard Public Cloud Clusters to support topologies where the sync interfaces are not on the same subnet, overcoming the limitations imposed by cloud providers.
In addition, it automatically config IPSec VPN setup.

View solution in original post

0 Kudos
2 Replies
Roman_Kats
Employee
Employee
4 weeks ago
Jump to solution

Hi @thomascripps 
This option aimed for cluster members that are located in different networks (subnets). Enabling Geo Mode allows configuring cluster network topology for members in different networks.
Particular use case is CloudGuard for AWS Cross Availability Zone Cluster. Each cluster member located in different availability zone hence in different subnets. 
https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CloudGuard_for_AWS_Cross_AZ_Cluster/C... 

0 Kudos
almogar
Employee
Employee
4 weeks ago
Jump to solution

Hi there,
Check Point clusters typically need sync interfaces on the same subnet - 0 hops between them. But in Cloud Clusters, spreading members across availability zones increases availability as availability zones are designed to self-contain availability issues.
Geo Mode allow CloudGuard Public Cloud Clusters to support topologies where the sync interfaces are not on the same subnet, overcoming the limitations imposed by cloud providers.
In addition, it automatically config IPSec VPN setup.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    Sort by:
    All CloudMates Events