cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

AWS Management Server and separate Logging Server

Does AWS support having a separate Management Server and a separate Logging Server? I see that the CFT template only supports R80.10 at the moment, so does that mean that R80.20 is not supported at the moment for having two separate servers, one as the management server and one as the logging server?

0 Kudos
4 Replies
Admin
Admin

Re: AWS Management Server and separate Logging Server

Is it generally supported? Yes.

It's possible the CloudFormation templates have not been updated for R80.20 yet, but I would think you can just change the AMI ID in the json to the R80.20 AMI and it should work fine.

Re: AWS Management Server and separate Logging Server

Thank you Dameon, I will try out your recommendation by changing the AMI ID in the json template to be the R80.20 image.

0 Kudos

Re: AWS Management Server and separate Logging Server

Hello Dameon,

For the dedicated logging server, I deployed an EC2 instance of the Check Point R80.20 Management server through the AWS marketplace instead of building it out via a CFT since I needed the option to deploy the Management server by defining the Security Management as: "Log Server/SmartEvent only"

Once the dedicated logging server was deployed, I attempted to establish the SIC trust but it kept failing, even when I reset the SIC. I found that the logging server's default Security group was not allowing the SIC trust to be established:

After I changed the Security Group to match the Primary Management Server, the SIC trust was established:

0 Kudos
Admin
Admin

Re: AWS Management Server and separate Logging Server

Funny enough, I ran into a similar issue a few weeks back with regular Security Management.

Hopefully this gets corrected in the near future.