Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
abihsot__
Advisor

Management server in AWS to control on-prem

Hello,

I am assessing the option to have management server in the cloud instead of on-prem and couldn't find information about the few things or I just misunderstand something.

For example I found this in AWS marketplace. So it looks I deploy bigger instance and I can manage up to 25 gateways automatically?

https://aws.amazon.com/marketplace/pp/B07KSBM119

Customers requiring security management for up to 25 Security Gateways must deploy this offering on instances with 8 or more compute cores.

sk130372 however tells "If you want to manage more than five Security Gateways, select the BYOL option and purchase a license." This could be just a matter of documentation update.

 

So can I manage on-prem physical appliances using management server in AWS? Of course using one of the listed options, over direct connect, VPN etc.

How do you update Management server? You have to rebuild it each JHF?

Do I need to take care of high availability, or it is built in already?

Does it have smartevent, compliance etc blades already?

0 Kudos
3 Replies
Kim_Moberg
Advisor

Hi

Do you know Check Point has a SmartCloud solution were they host your mgmt server and controls you onprem gateways via a ssh tunnel (MaaS services). MaaS is the service they use to parse data and means Management-As-a-Service..

https://www.checkpoint.com/products/smart-1-cloud-security-management/

 

Best Regards
Kim
0 Kudos
PhoneBoy
Admin
Admin

You can use Management hosted in AWS to manage on-prem gateways.
It works more or less the same as your on-premise management in this case: you mange it manually.
When you upgrade your management to a new release, it generally must be done using an advanced upgrade (ie not in place).

If you’re looking for an “easy” button for management, use Smart-1 Cloud.
We handle the scaling and upgrades for you as part of our “as a service” offering.
In addition, you can leverage a MaaS Tunnel to manage your gateways (single outbound connection over port 443 from each gateway).

0 Kudos
abihsot__
Advisor

Thanks for the pointers. I'll check that out as well.

0 Kudos