Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Romers
Explorer

Publishing On-Prem Endpoint Server

Jump to solution

Is it practical to allow connections to an On-Prem Endpoint management server on the internet using its FQDN?? I would like persons off the corporate network to receive product updates and so on via the internet. I have just about 300 or so home-based users.

I am looking for some guidance on this endeavor. 

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee
Employee

There are white papers published here about using a seperate policy server in your DMZ for this purpose. Depending on your existing licensing this may already be included within your entitlements.

Note if it's solely product updates of interest you have the ability to influence how those e.g A/V updates are received if the policy server or endpoint manager is unavailable i.e. direct from Check Point or other location.

Coming back to your original query yes it is something that is done by some customers (via NAT) depending on their internal policies, others may opt to achieve via VPN.

 

View solution in original post

2 Replies
Chris_Atkinson
Employee
Employee

There are white papers published here about using a seperate policy server in your DMZ for this purpose. Depending on your existing licensing this may already be included within your entitlements.

Note if it's solely product updates of interest you have the ability to influence how those e.g A/V updates are received if the policy server or endpoint manager is unavailable i.e. direct from Check Point or other location.

Coming back to your original query yes it is something that is done by some customers (via NAT) depending on their internal policies, others may opt to achieve via VPN.

 

View solution in original post

MikeB
Advisor
0 Kudos