We have some questions regarding the SMB platform.
We were under the impression that these device could call home ang grad policy from centrally managed check point. We are testing this in our lab with R77.20 and 1200R R7720.81
Looking at /var/log/log/sfwd.elg we see it calling out but then saying "Local security policy is up to date" "same policy as already on module"
We are also considering deploying these in our SCADA environment in the field over very slow links and were hoping the policy install would be a quicker process compared to a regular gateway running full Gaia. Not sure this would be a smaller file resulting in a faster (lass bandwidth intensive) policy install.
And our other question is whats the differences between using Smart Provisioning (LSM) or the newer product SMP? Are there any advantages? One thing We would need in our environment is to keep all management local on Prem as opposed to being in the cloud. We are told this due to NERC-CIP guidelines.
Thanks and appreciate any direction / experience anyone can share.