This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Kamil_Kolo
Participant
‎2019-02-26 06:02 PM

AWS Management Server and separate Logging Server

Does AWS support having a separate Management Server and a separate Logging Server? I see that the CFT template only supports R80.10 at the moment, so does that mean that R80.20 is not supported at the moment for having two separate servers, one as the management server and one as the logging server?

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2019-02-27 09:08 AM

Is it generally supported? Yes.

It's possible the CloudFormation templates have not been updated for R80.20 yet, but I would think you can just change the AMI ID in the json to the R80.20 AMI and it should work fine.

Kamil_Kolo
Participant
‎2019-02-27 11:10 AM
In response to PhoneBoy

Thank you Dameon, I will try out your recommendation by changing the AMI ID in the json template to be the R80.20 image.

0 Kudos
Kamil_Kolo
Participant
‎2019-03-07 05:14 PM
In response to PhoneBoy

Hello Dameon,

For the dedicated logging server, I deployed an EC2 instance of the Check Point R80.20 Management server through the AWS marketplace instead of building it out via a CFT since I needed the option to deploy the Management server by defining the Security Management as: "Log Server/SmartEvent only"

Once the dedicated logging server was deployed, I attempted to establish the SIC trust but it kept failing, even when I reset the SIC. I found that the logging server's default Security group was not allowing the SIC trust to be established:

After I changed the Security Group to match the Primary Management Server, the SIC trust was established:

0 Kudos
PhoneBoy
Admin
Admin
‎2019-03-08 07:01 AM
In response to Kamil_Kolo

Funny enough, I ran into a similar issue a few weeks back with regular Security Management.

Hopefully this gets corrected in the near future.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events