Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
atc4it
Participant
Jump to solution

Requirements for Network Security Micro Appliance

Good afternoon,

       We are having difficulty procuring hardware in Argentina so we are left with few choices. We are trying to figure out if one of those choices can be loading GAIA on the following hardware below. Has anyone attempted this?

 

Firewall, Mikrotik, Pfsense, OPNsense, VPN, Network Security Micro Appliance, Router PC, Intel Atom D525, HUNSN RS03, 6 x Intel Gigabit LAN, 2 x USB, COM, VGA, Fan, 4G RAM, 32G SSD
(2)
1 Solution

Accepted Solutions
Bob_Zimmerman
Authority
Authority

Of the three you've listed so far, the 3320M would be the best bet. It's newer than the Core i5 750 used in the 12200 (released in 2012), and only a little older than the Core i5 4590S used in the 5600 (released in 2016, and still supported). That said, it is also definitely not supported. If you run into compatibility issues, Check Point is very unlikely to be able to help.

The storage controller is the most likely limitation. Gaia doesn't do NVMe or eMMC. Most SATA 3 interfaces should work, but R81.20 drops support for some.

The next likely limitation is the network interfaces. I very seriously doubt any NBase-T interfaces will work, though I haven't tested any. The whole specification is newer than the Linux kernel Gaia currently uses.

View solution in original post

0 Kudos
6 Replies
NickNick
Explorer

I share your pain, same problem for me. 

 

Help!

0 Kudos
(1)
Bob_Zimmerman
Authority
Authority

I would not deploy that today if I had another option. The Atom D525 is the processor used in the 2200. R81.20 no longer includes drivers for the SATA controllers in its most common chipset. 4 GB of RAM is okay for a firewall you expect to be lightly used, but is too little to make an effective standalone system. 32 GB SSD is way too small for a firewall.

The 3600 uses an Atom C3558 and the 3800 uses an Atom C3758. Those are likely to be supported for much longer. They also support ECC RAM.

You can always run Check Point's software in a VM, which moves most of the hardware compatibility concerns from Check Point's OS to the hypervisor. Broader hardware compatibility might bring in some boxes which Check Point wouldn't support directly.

0 Kudos
(1)
atc4it
Participant

Thank you so much for the information. So are issue is Argentina will only let us source hardware from Agrentina and unfortunately we cannot find a vendor that is able to source a new Checkpoint appliance in country. I did find two other options with the Open Source network security appliance but I would feel more comfortable if I actually knew someone who has loaded GAIA on one of these platforms:

Firewall, OPNsense, VPN, Network Security Micro Appliance, Router PC, Intel Core I5 3320M, RS03, AES-NI/6 Intel Gigabit LAN/2USB/COM/VGA/Fan, (8G RAM/512G SSD)

 

VNOPN Micro Firewall Appliance 4 Intel 2.5GbE NIC Ports Fanless Mini PC, Network Gateway Soft Router Mini Computer Intel N3700 Quad Core, Support AES-NI, 8GB DDR3, 128GB mSATA SSD

0 Kudos
Chris_Atkinson
Employee Employee
Employee

It will be uncommon to find customers running hardware not certified and documented on the HCL least not in a production setting.

https://www.checkpoint.com/support-services/hcl/

As indicated in part this can be mitigated with VMware.

CCSM R77/R80/ELITE
atc4it
Participant

Thank you and yes we are aware of the list. WE are very limited in purchasing equipment in Argentina and do not really like the added layer the VMWARE solution brings to the table. Just being creative minds at this point searching for a new way to do things. The hardware is very similar to the 3600 appliance and if by chance GAIA just loads up the right drivers I think this would be a cool solution.

0 Kudos
Bob_Zimmerman
Authority
Authority

Of the three you've listed so far, the 3320M would be the best bet. It's newer than the Core i5 750 used in the 12200 (released in 2012), and only a little older than the Core i5 4590S used in the 5600 (released in 2016, and still supported). That said, it is also definitely not supported. If you run into compatibility issues, Check Point is very unlikely to be able to help.

The storage controller is the most likely limitation. Gaia doesn't do NVMe or eMMC. Most SATA 3 interfaces should work, but R81.20 drops support for some.

The next likely limitation is the network interfaces. I very seriously doubt any NBase-T interfaces will work, though I haven't tested any. The whole specification is newer than the Linux kernel Gaia currently uses.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events