Create a Post
Gusa2727
Contributor

CloudGuard Azure - SMS On-premises

Jump to solution

Hi, I have some questions regarding how Check Point Firewall works in Azure, and its integration with on-premise environments. We currently have an on-premises environment with one SMS and 7 Gateways, and now we would like to add new Gateway in Azure. 

1- Is possible to add a CloudGuard Gateway in our on-premise SMS? I think yes, but i would like to confirm this. 

2- I supose that if we do not have any ExpressRoute nor VPN in place, it is necessary to add the Gateway using its pulic IP as usual (as usual for remote sites without MPLS). 

I just want to confirm that everything is going to work as I am expecting, but I am failling to find documentation about this. Thanks.

0 Kudos
1 Solution

Accepted Solutions
natanelm
Employee
Employee

Hi Gusa2727,

1. Yes, it's possible to add a CloudGuard Gateway to your on-premise SMS.
2. Yes, if you do not have any ExpressRoute nor VPN in place, it is necessary to add the Gateway using its public IP as usual, just make sure that you have an internet connection, and you allow necessary ports according to your needs, for the full list see sk52421

Thanks,
Natanel

View solution in original post

3 Replies
Eva_K
Employee
Employee

Hi Gusa2727, 

I'm not sure about the use of public IP to add a gateway, but, according to sk109360 

Management

The Security Gateway can be managed in several ways including:

  • A standalone configuration in which the gateway acts as its own management
  • Centrally managed where the management server is located on-premises outside the virtual network
  • Centrally managed where the management server is located in the same virtual network

You can also contact your local sales engineers.

Hope this is helpful.

 

0 Kudos
natanelm
Employee
Employee

Hi Gusa2727,

1. Yes, it's possible to add a CloudGuard Gateway to your on-premise SMS.
2. Yes, if you do not have any ExpressRoute nor VPN in place, it is necessary to add the Gateway using its public IP as usual, just make sure that you have an internet connection, and you allow necessary ports according to your needs, for the full list see sk52421

Thanks,
Natanel

Gusa2727
Contributor

Thanks!

0 Kudos