Part 2 - Preparing the Lab

_Val_ · ‎2020-06-11

Introduction

Our lectures are designed for mastering both theoretical and practical aspects of Check Point products. Before moving forward, we need to build a lab environment. All further discussions have in mind the virtualization lab setup described below.

Attention: this document refers to R80.10 version. You can use exactly the same settings to run any of R81.x versions in the lab.

Virtual Lab

The virtual lab layout is presented on the diagram below.

It consists of five virtual machines

Security Management Server (SMS)
Security Gateway (SG)
Lab User PC
PC with SmartConsole[1]
Windows Server (Active Directory and IIS are enabled)

Virtualization platform

While we are using VMware Workstation 14 in our lab, you can also use ESXI or Virtual box as a virtualization platform.

Installation Software Images

To install and setup all Check Point machines you need R81.20 Check Point ISO file. It can be found here.

You will also need to install Windows Client (Windows 7 or higher) and Windows Server (2012 or higher) machines.

Note: Installation and setup of Windows machines are out of scope.

Hardware Requirements

Minimal Hardware requirements for Gaia R80.10 Open Server installation are listed in Check Point R81.20 Release Notes:

Although going below these requirements is definitely not recommended in the production, we can have some allowances in the lab.

These are recommended virtual machine parameters for our lab:

SMS: 6GB RAM, 4 CPU Cores, 80GB HDD
SG: 4GB RAM, 2 CPU Cores, 50GB HDD

You can chose your own RAM, CPU and HDD settings for Windows lab machines.

We believe the lab can be performed on a virtualization host with the following parameters:

4 cores CPU,
16BG RAM,
500GB HDD/SSD.

Network Layout

We recommend using the same IP addresses as shown on the lab diagram above. Make sure you use different VMnet segments for each of the lab networks.

All three Security Gateway network interfaces should be defined in the different network segments.

In case of VirtualBox based lab, chose Host-Only Ethernet Adapter.

[1] In case you are building this lab on your Windows PC, your virtualization host can take the role of SmartConsole Client.

----------------------------

Authors and contributors

Author - Evgeniy Olkov‌, CTO at TS Solution.
Founded in 2010, the TS Solution is a fast growing Russian company, focused on integrating high-tech networking, security and server virtualization systems and technologies, along with maintenance and professional services.

Translation and editing - Valeri Loukine‌

Review and editing - Dameon Welch-Abernathy

DaraSinghCCS · ‎2021-05-02

good contents to understand the network diagram

aheilmaier · ‎2021-07-27

As I tried the lab, the VMs are isntalled, bute SMS and GW are not startet. (No one mentioned on how to use the provided lab)

Okay, so I startet SMS ans GW with the Proxmox-VE webinterface.

But withou success, on connecting with smartConsole the connection gets refused, maybe due to no license.

Do you mean, we should install the ISO files on the Proxmox-VE ?

aheilmaier · ‎2021-07-27

okay my lab ends here, I need a trial license, but don't know how to get one.
The license on the machines endet about a month ago on 01-Jul-2021

aheilmaier · ‎2021-07-29

Thank's @_Val_ , as I missed the setup videos I was not aware on how to intstall the new VMs. Instead I just startet the shutdown SMS and GW VMs. These VMs had no valid license anymore.

So with the videos I managed to install the new SMS+GW VMs

_Val_ · ‎2021-07-29

@aheilmaier Glad to hear that.

scenarist · ‎2023-11-29

Great materials! 10 stars!

Rajputv · ‎2024-04-20

Good content for me .

lukasklimes · ‎2024-05-03

When I try launch the lab environment from link up here provided by @_Val_ , I get access denied, are these labs still available?

_Val_ · ‎2024-05-05

Dear @lukasklimes, the links in the article above still work, although they refer to R80.10 release, which is very old. Both installation ISO file and release notes for R81.20, our latest recommended release, can be found here: https://support.checkpoint.com/results/sk/sk173903

If you refer to some other links, please clarify

lukasklimes · ‎2024-05-05

I refer to link to cloud based virtual lab posted in comments at 2021-07-27. I got reply that labs are no longer available

_Val_ · ‎2024-05-05

Uh, got it. Unfortunately, that lab was discontinued. I removed the comment with the link to avoid confusion.

Clausen1998

Is it fine to use Hyper-V also for this lab?

_Val_

@Clausen1998 yes, KVM is also an option