Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sam2
Contributor
Jump to solution

Exploring the idea of moving away from CP HW to Open Server or VMs

Hi All,

I was asked to looking into cost saving opportunities and I'm curious about the idea of either plugging into our server farms and running the firewalls as VMs, or buying open servers to run as appliances where it makes sense.

Has anyone done a similar exercise? Any lessons learned?

From my research online it looks like you can get more bang for you buck with and Open Server, but you lose the convenience that comes with having premium support for RMA.

Thanks!

 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

For gateways, it really depends on what assets you're protecting, where they are hosted, and the performance requirements as to whether you should use a VM, Open Server (Hardware), or a Check Point appliance.

In general, Open Server gateways (also applies to VMs):

  • Must be licensed for the number of processor cores you want to use
  • For Open Server hardware, we only guarantee support for three years
  • Have a higher support cost

Also, some features are only supported on Check Point appliances (e.g. Hyperflow in R81.20, Dynamic Balancing in R81+).

View solution in original post

4 Replies
the_rock
Legend
Legend

Thats honestly the biggest downside, you definitely would lose that convenience. I know lots of clients who run CP on open servers and they are pretty happy with it. In my experience, they dont break often, so you would probably be fine.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

It just depends. Running the SMS as a VM is a best practice i.m.h.o. GW VMs are often used for central sites and Service Providers but need redundant HW and backups. Clustering Open Server is a mixed thing - if 1 node is broken, getting the same HW again may be between p.i.t.a. to unavailable anymore. If VPN to a lot of own remote sites is needed, CP HW & RMA can be the best solution.

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin

For gateways, it really depends on what assets you're protecting, where they are hosted, and the performance requirements as to whether you should use a VM, Open Server (Hardware), or a Check Point appliance.

In general, Open Server gateways (also applies to VMs):

  • Must be licensed for the number of processor cores you want to use
  • For Open Server hardware, we only guarantee support for three years
  • Have a higher support cost

Also, some features are only supported on Check Point appliances (e.g. Hyperflow in R81.20, Dynamic Balancing in R81+).

AmitShmuel
Employee
Employee

R80.40+ for Dynamic Balancing 🙂

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events