- CheckMates
- :
- Products
- :
- General Topics
- :
- Re: Checkpoint Gateway and Management (80.20 GA) ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Checkpoint Gateway and Management (80.20 GA) on ESXi same VM
Since it is hard to get HP 360 Gen9 nowadays, especially in desired configuration, and new kernel 3.10 comes only for Gateways without Management
GAIA-3372 | This version only supports the Security Gateway. Security Management and Standalone are not supported. |
I am considering to use HP 360 Gen10, Install ESXi 6.7 and create there VM for checkpoint (planing to use R80.20 GA)
it will be a dedicated host, only for checkpoint
Is it supported (officially) to run Gateway and Management ( together on the same VM) as an virtual machine on ESXi host in production.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there any specific reason why you wouldn't want to stick with a distributed deployment and deploy two VMs on the same host?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yes, there is a reason
I have license that contains Management and Gateway all together
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I will look into changing to a new version of licensing
But even if I separate them as I guess I will get no more then 2 core gateway license
And even in standalone mode gateway can use 2 Cores and Management the rest of the cores isn't that right?
But yes I wouldn't be able to use the full number of core on server , but wat can I do - 2 Cores are enough for me
Checkpoint didn't make it easy to convert license from one type to other like any other vendors do,
but you need to trade it and basically buy new ones as I understood
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Converting a license to a more modern SKU does require purchasing new licenses, but you get trade-in credit for the older license you already purchased.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm pretty sure the SMS/management functions are not limited by license as to the number of cores that can be utilized, even in a standalone setup. The gateway portion will be limited to 2 cores and will have the default 2/2 split between SND/IRQ and Firewall Workers. Can pretty much guarantee performance will be terrible with this 2-core standalone setup in anything but a lab environment.
now available at maxpowerfirewalls.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why is that?
Now with such standalone implementation on R77.30 I have no performance issue
something will change moving to R80.20 (or R80.30) ?
I have only 200Mbit/s throughput in one direction
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As written in my post for Gaia R80.30 with 3.10 Kernel brings back support for standalone deployments because R80.20 doesn't support it.