Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mark_Oldham
Explorer
Jump to solution

Deploying Check Point 1430 DSL Devices using Blink

Good Afternoon,

We are coming to the end of a PoC for the replacement of out Juniper SSG5 estate.  These are used for small remote sites some of which are connected via MPLS others via DSL circuits to the internet and then a VPN Tunnel.

Our main firewall estate is Check Point with the exception of these 26 sites which are SSG5's on the MPLS and Cisco 887's on the DSL sites. I wanted to have one product to cover both MPLS and DSL sites and the PoC contained CheckPoint 1430, Juniper SRX 320 and Fortinet 60E. Coming to the end of the PoC and Check Point is currently our favourite but I'm now looking at the ease of rolling these devices out into the field and also for an RMA process.

I've looked at Blink, CDT and Zero Touch. I believe for us the Blink would be the best option as Zero Touch wouldn't work for the DSL and CDT would require more hands on than Blink.  For MPLS Blink is fine but does anybody know if you are able to configure the DSL interface and credentials for the DSL service in the answer file? The VPN isn't an issue as we can present the management server to the DSL devices on the internet with a policy restricting the source of traffic just to the DSL static IP's.

I've looked at sk120193 and that doesn't have an awful lot that is configurable, is there a more detailed document that anybody knows of or is Blink limited in what can be entered into the answer file.

Thanks

Mark.

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend
Legend

A very good way to put SMB units into production is using autocanf,clish, see here USB First Time Config using autoconf.clish files  - How it works. As these are centrally managed devices, you only need a basic configuration for IPs, ISPs, SMS, Logserver etc.

CCSE CCTE CCSM SMB Specialist

View solution in original post

4 Replies
PhoneBoy
Admin
Admin

Blink does not support the SMB appliances.

Zero Touch would be the right approach here.

As I believe you can configure DSL via the CLI, you should be able to code the appropriate commands into the CLI Script sent to the device.

0 Kudos
Mark_Oldham
Explorer

Thank you.

I thought that might be that case but its a shame as Blink looks like it could have been much more customisable with the answer file.

I'll take a more detailed look at Zero Touch on Monday then, hopefully I can get it working with the devices.

0 Kudos
G_W_Albrecht
Legend
Legend

A very good way to put SMB units into production is using autocanf,clish, see here USB First Time Config using autoconf.clish files  - How it works. As these are centrally managed devices, you only need a basic configuration for IPs, ISPs, SMS, Logserver etc.

CCSE CCTE CCSM SMB Specialist
Mark_Oldham
Explorer

Thank you, I'll be sure to take a look at this option as well. I'm currently waiting for access to the Zero Touch Portal as my UC login details aren't working so I might look at the autoconf.clish option while I'm waiting.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events