- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- New option on cloud deployments for "Use Geo Mode ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
New option on cloud deployments for "Use Geo Mode in a Cloud" when on R81.20
I have noticed on the cloud deployment guides for a HA deployment that it's now recommended to Use Geo Mode in a Cloud when on R81.20. Does anyone know what this option does at all?
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @thomascripps
This option aimed for cluster members that are located in different networks (subnets). Enabling Geo Mode allows configuring cluster network topology for members in different networks.
Particular use case is CloudGuard for AWS Cross Availability Zone Cluster. Each cluster member located in different availability zone hence in different subnets.
https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CloudGuard_for_AWS_Cross_AZ_Cluster/C...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there,
Check Point clusters typically need sync interfaces on the same subnet - 0 hops between them. But in Cloud Clusters, spreading members across availability zones increases availability as availability zones are designed to self-contain availability issues.
Geo Mode allow CloudGuard Public Cloud Clusters to support topologies where the sync interfaces are not on the same subnet, overcoming the limitations imposed by cloud providers.
In addition, it automatically config IPSec VPN setup.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @thomascripps
This option aimed for cluster members that are located in different networks (subnets). Enabling Geo Mode allows configuring cluster network topology for members in different networks.
Particular use case is CloudGuard for AWS Cross Availability Zone Cluster. Each cluster member located in different availability zone hence in different subnets.
https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CloudGuard_for_AWS_Cross_AZ_Cluster/C...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there,
Check Point clusters typically need sync interfaces on the same subnet - 0 hops between them. But in Cloud Clusters, spreading members across availability zones increases availability as availability zones are designed to self-contain availability issues.
Geo Mode allow CloudGuard Public Cloud Clusters to support topologies where the sync interfaces are not on the same subnet, overcoming the limitations imposed by cloud providers.
In addition, it automatically config IPSec VPN setup.