Share your Cyber Security Insights
On-Stage at CPX 2025
Simplifying Zero Trust Security
with Infinity Identity!
CheckMates Toolbox Contest 2024
Make Your Submission for a Chance to WIN up to $300 Gift Card!
CheckMates Go:
What's New in R82
JaydenAung
CloudGuard IaaS (Google Cloud Platform) Deployment Helper Script
(Original GitHub post here: https://github.com/jaydenaung/cgi-gcp-deploy)
This is a simple helper script to automate deploying a specific Check Point CloudGuard IaaS gateway image on Google Cloud Platform. I was in an escalation email thread where a partner is having difficulty with deploying a specific image on GCP, and thought this would help simplify the deployment a bit.
Of course, there are other ways to deploy CloudGuard on Google Cloud Platform (e.g. Deployment manager). But if you'd like to deploy a very specific CloudGuard image (even the ones that are not listed in deployment templates) for variety of reasons, this method and script is for you. A couple of reasons you might want to do this may include deploying or restoring a Management HA solution or a log server, and restoring a previous backup, etc.
Check the CloudGuard images available on Google Cloud.
gcloud compute images list --project=checkpoint-public
In this lab, we're gonna deploy check-point-r8040-payg-294-759-v20201202. So you can verify the image by executing the following:
gcloud compute images list --project=checkpoint-public | grep check-point-r8040-payg-294-759-v20201202
You will also need to update the image variable in the script as well.
Please do the following;
Install Google Cloud SDK.
A service account with proper permission setup for your GCP Project: https://cloud.google.com/compute/docs/access/service-accounts
Enable Compute API: https://cloud.google.com/sdk/gcloud/reference/services/enable
Example:
gcloud services --project <project name> enable compute.googleapis.com
Download the cgi-gcp-setup.sh script from this repo, and update the VARIABLES in the script. (e.g. project, network, etc)
Make the script executable by executing chmod +x cgi-gcp-setup.sh
And Execute the following:
./cgi-gcp-setup.sh
./cgi-gcp-setup.sh
WARNING: You have selected a disk size of under [200GB]. This may result in poor I/O performance. For more information, see: https://developers.google.com/compute/docs/disks#performance.
Created [https://www.googleapis.com/compute/v1/projects/helloworld041019/zones/asia-southeast1-a/instances/cg-gateway].
NAME ZONE MACHINE_TYPE PREEMPTIBLE INTERNAL_IP EXTERNAL_IP STATUS
cg-gateway asia-southeast1-a n1-standard-2 10.0.0.10,10.4.0.10 1.2.3.4 RUNNING
Your CGI Gateway has been created on Thu Dec 10 13:14:41 +08 2020!
$gcloud compute instances list
NAME ZONE MACHINE_TYPE PREEMPTIBLE INTERNAL_IP EXTERNAL_IP STATUS
cg-gateway asia-southeast1-a n1-standard-2 10.0.0.10,10.4.0.10 1.2.3.4 RUNNING
Once the gateway is deployed, you can access the public IP via https (or SSH).
Check out Check Point SK sk163656 for more information.
Best,
Jayden Aung
CloudGuard IaaS (Google Cloud Platform) Deployment Helper Script
(Original GitHub post here: https://github.com/jaydenaung/cgi-gcp-deploy)
This is a simple helper script to automate deploying a specific Check Point CloudGuard IaaS gateway image on Google Cloud Platform. I was in an escalation email thread where a partner is having difficulty with deploying a specific image on GCP, and thought this would help simplify the deployment a bit.
Of course, there are other
...;
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
