In this part, we are starting to work with the main Check Point security administration tool: SmartConsole. We will install it, review its new look and feel, and interconnect Security Management Server (SMS) and Security Gateway (SG).

Installation

SmartConsole is a Windows based GUI Client. To install it, we need to get an installation package. The easiest way to obtain it is to download it from our SMS. Open WebUI to your lab SMS (https://192.168.1.100) and log in.

On Overview screen, press “Download Now!” green button at the top of the page.

Download the installation package and start installation:

 In the welcome pop-up window accept Check Point EULA and press Install:

 The installation process will take some time:

Press Finish at the end:

Connecting to SMS

Launch SmartConsole application. You will see administrator login screen. If you remember, during SMS installation we have chosen to use OS credentials to login with SmartConsole. Type in Gaia admin username and password, and IP address of your Security Management Server.

 Confirm SMS Fingerprints and press PROCEED:

The main SmartConsole window opens. At the center, there is What’s New tutorial describing the basic functionality of SmartConsole application.

 Go through the Tutorials screens, especially if you are already familiar with R77.30 SmartDashboard. The R80.x SmartConsole has quite a different look and feel.

Close the What’s New tutorial. You can always go through it again by pressing What’s New icon at the left bottom corner of SmartConsole screen.

The default view is Gateways and Servers, where you only have a single object at this point: the SMS. In the bottom part of the screen, you see the summary information about it: License Status, active Software Blades, CPU and RAM utilization. To get further info, click the Device & License Information link:

In the pop-up, choose Device Status > System Information:

 You can see more details about resources utilization:

 Browse System Counters > System to review graphic representation of utilized resources.

Connecting to Security Gateway

Close the pop-up window. It is time to connect our SG with SMS. At the top of SmartConsole choose New > Gateway:

 Choose Wizard Mode and continue:

 In the Wizard pop-up window, choose Open Server for Gateway Platform, type in IP address 192.168.1.254 and then press Next:

 Type in SIC - One Time Password we have defined during SG installation REFERENCE and press Next:

Under normal circumstance, (SG is up, and SIC password is correctly typed), you should see Get Topology Results pop-up screen:

 Check IP addresses and networks; then press Close and Next. Press Finish to end the Wizard.

You can now see Check Point Security Gateway pop-up for the newly defined SG. Choose General Properties and review Gateway Software Blade available. As you can see, Firewall Software Blade is marked by default. Do not change any settings and this point and press OK:

Press Publish button at the top of the screen to make all changes you performed available to other administrators.

Confirm by pressing Publish button in the pop-up window:

When the Publish operation is finished, you should see a green Status indicator for SG:

This is the end of this part. Next time, we will configure interface anti-spoofing, set up a new Access Control policy rulebase, and install it on the Security Gateway.

----------------------------

Authors and contributors

Author - Evgeniy Olkov‌, CTO at TS Solution. 
Founded in 2010, the TS Solution is a fast growing Russian company, focused on integrating high-tech networking, security and server virtualization systems and technologies, along with maintenance and professional services.

Translation and editing - Valeri Loukine‌

Review and editing - Dameon Welch-Abernathy