As of right now, unless you have turned on Management Data Plane Separation, the management interface is just like any other interface (Except for the driver used by the OS, possibly).
That's my understanding at least.

This will apparently change in R82 with ElasticXL as, from the preliminary documentation I've read, it appears that four interfaces are required for a cluster (internal, external, sync, and dedicated management). 

Hi CP team, 

i am new with CP and exploring about mgmt design. We have R82 in ElsticXL and VSnext co figuration. 

Is anything change and what is recommendation regarding management? Is mgmt interface mandatory  to used ?

thanks for answring

Cheers

Yes, especially in your configuration

Thanks.

can someone share a link to confirm what are mandatory steps ?

thanks in advance!

Strictly speaking, you don't need to use the interface named Mgmt for anything, but ElasticXL creates a bond named magg1 which has the interface named Mgmt as a member by default. VSNext goes further and creates VS500 as a virtual switch which owns magg1 and it adds warp links from VS0 to VS500.

In both cases, you can add another interface to magg1 and remove the interface named Mgmt from the bond (e.g, if you want the firewall to only use fiber interfaces for easier tapping via Gigamon), though this complicates adding more members.

Further, magg1 is just a normal bond. It's not fundamentally special in any way other than its name, and it (or the warp to it in VSNext) is in the same routing table as all of the other interfaces. Keep in mind that with ElasticXL and VSNext, you can't use MDPS to separate your management routing from your through-traffic routing. If you treat the interface named Mgmt how other vendors treat their "management interface", you'll probably have asymmetric routing when people try to go through the firewall to something else in the management network.

Many thanks @Bob_Zimmerman on the answer and explanation. 

let me 🙄 clarify mgmt options for SGW R82 in ElasticXl with VSnext:

1. in-band mgmt ->  magg1 interface is used as the default Virtual Switch (ID 500) to provide network management connectivity to the entire ElasticXL cluster and the Gaia operating system. Idea is to attach Loopback X against magg1 and will be used for communication with SMS, GAIA remote mgmt etc .  Is this ok ? any limitations ?
2. out of band mgmt, has more options 
   1. serial (console) port - provides a physical, out-of-band management connection to access the Gaia operating system command-line interface (CLI) directly
   2. LOM - remotely monitor, troubleshoot, and control the appliance even if the main operating system (Gaia) is crashed, frozen
   3. Mgmt, ethernet port -  ? if magg1 use Lo interface, can Mgmt. ethernet port be used for OutOfBand mgmt ?

Cheers and many thanks !!

You can't add a loopback to a bond.

Serial has a few disadvantages, chief among them that you can't use it to control power. I've been paged in the middle of the night to drive an hour to a datacenter, hit a power button, then drive home. That sucks so much. Every single company, it seems I have to fight all over again to get LOM set up. Check Point's LOM is mediocre, but it's still far better than serial alone.

The interface named Mgmt is never truly out-of-band. It can be mid-band with MDPS or classical VSX, but those aren't supported with ElasticXL and VSNext. I would personally avoid using the interface named Mgmt for anything, as it gives people the wrong idea about what the interface does. You'll note I'm very studious about calling it "the interface named Mgmt", because it is not a management interface, and using it how network people expect management interfaces to be used causes problems.

Thanks for clarifying this!

Cheers!