Kamil_Kolo
Participant

AWS Management Server and separate Logging Server

Does AWS support having a separate Management Server and a separate Logging Server? I see that the CFT template only supports R80.10 at the moment, so does that mean that R80.20 is not supported at the moment for having two separate servers, one as the management server and one as the logging server?

0 Kudos
4 Replies
PhoneBoy
Admin

Is it generally supported? Yes.

It's possible the CloudFormation templates have not been updated for R80.20 yet, but I would think you can just change the AMI ID in the json to the R80.20 AMI and it should work fine.

Kamil_Kolo
Participant

Thank you Dameon, I will try out your recommendation by changing the AMI ID in the json template to be the R80.20 image.

0 Kudos
Kamil_Kolo
Participant

Hello Dameon,

For the dedicated logging server, I deployed an EC2 instance of the Check Point R80.20 Management server through the AWS marketplace instead of building it out via a CFT, since I needed the option to deploy the Management server by defining the Security Management as: "Log Server/SmartEvent only".

Once the dedicated logging server was deployed, I attempted to establish the SIC trust but it kept failing, even when I reset the SIC. I found that the logging server's default Security group was not allowing the SIC trust to be established:

After I changed the Security Group to match the Primary Management Server, the SIC trust was established:

0 Kudos
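An added example, not part of the original thread and not Check Point or AWS tooling: one way to catch the mismatch described above before attempting SIC is to compare the log server's security group against the management server's and list the ingress the log server would drop. The input shape follows the `SecurityGroups[]` entries of `aws ec2 describe-security-groups` output; the group IDs, CIDRs and port numbers are constructed sample values and are not a statement of which ports SIC requires.

```python
# Added example: find ingress that the management server's security group
# allows but the log server's group does not.

def flatten_ingress(group):
    """Expand IpPermissions into (protocol, from_port, to_port, source) tuples."""
    rules = set()
    for perm in group.get("IpPermissions", []):
        lo, hi = perm.get("FromPort"), perm.get("ToPort")  # absent for protocol "-1"
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
        for src in sources:
            rules.add((perm["IpProtocol"], lo, hi, src))
    return rules

def is_covered(rule, candidate_rules):
    """True if a candidate rule with the same source admits the whole tcp/udp
    port range. Sources are compared literally; CIDR containment is not evaluated."""
    proto, lo, hi, src = rule
    for c_proto, c_lo, c_hi, c_src in candidate_rules:
        if c_src != src:
            continue
        if c_proto == "-1":  # all protocols, all ports
            return True
        if c_proto == proto and None not in (lo, hi, c_lo, c_hi) and c_lo <= lo and hi <= c_hi:
            return True
    return False

def missing_ingress(reference, candidate):
    """Rules allowed by `reference` that `candidate` would drop."""
    cand = flatten_ingress(candidate)
    return sorted((r for r in flatten_ingress(reference) if not is_covered(r, cand)), key=str)

# Constructed sample data (IDs, CIDRs and ports are illustrative only).
MGMT_SG = {"GroupId": "sg-mgmt-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 257, "ToPort": 257, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 18209, "ToPort": 18211, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}
LOG_SG = {"GroupId": "sg-log-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}

if __name__ == "__main__":
    for proto, lo, hi, src in missing_ingress(MGMT_SG, LOG_SG):
        print(f"log server group lacks: {proto} {lo}-{hi} from {src}")
```

Running the comparison in both directions also shows where the log server's group is broader than the management server's, which is worth reviewing before copying rules across.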
PhoneBoy
Admin

Funny enough, I ran into a similar issue a few weeks back with regular Security Management.

Hopefully this gets corrected in the near future.
