AWS Management Server and separate Logging Server
Does AWS support having a separate Management Server and a separate Logging Server? I see that the CFT template only supports R80.10 at the moment, so does that mean that R80.20 is not supported at the moment for having two separate servers, one as the management server and one as the logging server?
Is it generally supported? Yes.
It's possible the CloudFormation templates have not been updated for R80.20 yet, but I would think you can just change the AMI ID in the JSON to the R80.20 AMI and it should work fine.
For the dedicated logging server, I deployed an EC2 instance of the Check Point R80.20 Management server through the AWS marketplace instead of building it out via a CFT since I needed the option to deploy the Management server by defining the Security Management as: "Log Server/SmartEvent only".
Once the dedicated logging server was deployed, I attempted to establish the SIC trust but it kept failing, even when I reset the SIC. I found that the logging server's default Security group was not allowing the SIC trust to be established.
After I changed the Security Group to match the Primary Management Server, the SIC trust was established.
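The fix in the last post, making the log server's security group match the management server's, can be checked before retrying SIC by diffing the two groups' ingress rules. This is an added example, not part of the original thread: it assumes the `IpPermissions` JSON shape returned by `aws ec2 describe-security-groups`, and the two groups' contents (ports, CIDRs) are constructed sample values.

```python
import ipaddress

# Constructed sample data shaped like the IpPermissions lists returned by
# `aws ec2 describe-security-groups`; ports and CIDRs are illustrative only.
MGMT_SG = [
    {"IpProtocol": "tcp", "FromPort": 18190, "ToPort": 18211,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}]},
]
LOG_SG = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
]

def flatten(perms):
    """Expand IpPermissions into (protocol, from_port, to_port, source) tuples."""
    out = set()
    for p in perms:
        srcs = [r["CidrIp"] for r in p.get("IpRanges", [])]
        srcs += [r["CidrIpv6"] for r in p.get("Ipv6Ranges", [])]
        srcs += [g["GroupId"] for g in p.get("UserIdGroupPairs", [])]
        for s in srcs:
            out.add((p["IpProtocol"], p.get("FromPort"), p.get("ToPort"), s))
    return out

def src_covers(cand, ref):
    """True if the candidate source is the same as, or a supernet of, ref."""
    try:
        c, r = ipaddress.ip_network(cand), ipaddress.ip_network(ref)
    except ValueError:  # security-group IDs are compared by equality only
        return cand == ref
    return c.version == r.version and r.subnet_of(c)

def covers(cand, ref):
    """True if candidate rule permits everything the reference rule permits."""
    (cp, clo, chi, cs), (rp, rlo, rhi, rs) = cand, ref
    if not src_covers(cs, rs) or cp not in ("-1", rp):
        return False
    if cp == "-1":  # all protocols and ports
        return True
    if cp in ("tcp", "udp"):
        return clo <= rlo and rhi <= chi
    return (clo, chi) == (rlo, rhi)  # ICMP type/code: exact match only

def missing_ingress(reference, candidate):
    """Rules the reference group allows that no candidate rule covers."""
    cand = flatten(candidate)
    return sorted((r for r in flatten(reference)
                   if not any(covers(c, r) for c in cand)), key=repr)
```

An empty result from `missing_ingress(MGMT_SG, LOG_SG)` means the log server's group already admits everything the management server's group does; any tuple returned is a rule to review before adding it.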