- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Checkpoint management plane data plane
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Checkpoint management plane data plane
Hi is there a resource that explains the basics about Checkpoint management plane data plane clearly and simply (including cli setup) for a beginner ? I can't find anything.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here's an explanation from another LLM:
So basically you separate the 'brain' and 'muscle' (veeery vaguely) on the gateway so that bad guys have to work twice as hard to get into management related parts and make bad changes. Implementation and configuration details will be in sk138672.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
this SK does https://support.checkpoint.com/results/sk/sk138672
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I was after more of an explanation/theory with say an example rather than 'cold' commands.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In case it's unclear hit the following link in the article intro section and you'll see more "Click Here to Show the Entire Article" as it appears to be collapsed by default.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is this in a specific CSP (AWS, Azure or GCP)?
Do you have a requirement or a use case for it?
It doesn't seem like something that would be commonly demanded in CloudGuard (the question is posted is the CloudMates Forum).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I asked @CheckMatesAI for an answer, and it provided little more than a link to sk138672 and to CheckMates 🙂
In simple terms, MDPS dedicates one of the cores on the security gateway to the following functions:
- Access to the Gateway Itself: SSH, FTP, and more
- Provisioning: Policy installation, Gaia Portal, REST API
- Monitoring: Logs, SNMP
Normally, these functions run on processes on cores that are shared with cores that process traffic.
MDPS also provides a separate routing table for these functions as well as others you can configure.
If you're experiencing issues with these functions and the gateways operate under significant load, MDPS can be helpful.
It's important to understand the known limitations should you choose to enable it.
In most situations, MDPS is not necessary.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here's an explanation from another LLM:
So basically you separate the 'brain' and 'muscle' (veeery vaguely) on the gateway so that bad guys have to work twice as hard to get into management related parts and make bad changes. Implementation and configuration details will be in sk138672.