Checkpoint 5600 - Alternative Virtual Appliance options for on premise deployment?

Hi All,

We currently have vast numbers of physical CP HW across our estate, a new project has com along where a pair of new FW's are required, our standard pattern would be to deploy two 5600 physical devices. I'd like to understand what the virtual alternative would be in this case, if throughput and performance are equal and I also get some additional flexibility and potentiall at a lower cost it would seem to make sense, I should add this is all on premise so no public cloud deployments.

Any suggestions or thoughts from experience and what the alternative virtual products are would be appreciated.

Kind regards

Virtual and physical appliances have somewhat different performance characteristics.
You can start with a CloudGuard IaaS instance configured with similar RAM/CPU to a 5600.
Recommend using R80.30 with the 3.10 kernel for the best performance.
if you have a virtualization environment (like VMware, HyperV...) in your locations you can run your gateway virtualized as virtual machine. If you are satisfied with the availability of your virtualization environment you need only one gateway license for a location. Maybee this is something better from the license costs.

It's hard to say what the best solution without knowing more.

Maybee if you can centralize all you hardware at one location you can use VSX, Running a bigger central appliance-cluster with all your firewall gateways as virtual instances.



