Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ProxyOps
Contributor

Configuring the PDP-Only mode for the Identity Awareness Software Blade

Hi there,

I have just read the SK: Configuring the PDP-Only mode for the Identity Awareness Software Blade (checkpoint.com)

 

Just a couple of questions that are not currently answered in the SK itself:

- Will this mode be available in R81, R81.10?

- Are there any known limitations to enabling this mode?

- Does it require a reboot of the PDP Gateway to take effect?

- Is this PDP-only mode compatible with the PDP broker function?

 

I really like the idea of removing the unnecessary PEP Deamon on our PDP Brokers and saving some valuable resources!

 

Best regards

0 Kudos
2 Replies
G_W_Albrecht
Legend Legend
Legend

First question only CP can answer ! I would think no.

The Limitation is that Enforcement is missing on the GW.

No, a policy install only.

Should be compatible as here only PDPs share information.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin

R81.20 has some pretty substantial under the hood changes with respect to Identity Awareness.
Therfore, I would not expect this to be backported to earlier releases.
If a reboot is required, it would have been documented.
In R82, this mode will be configurable through the Management API to the relevant gateway/cluster object.
I haven’t see anything to suggest PRP Broker won’t work with this, either.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events