This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Mark_Oldham
Explorer
‎2019-03-01 07:46 AM
Jump to solution

Deploying Check Point 1430 DSL Devices using Blink

Good Afternoon,

We are coming to the end of a PoC for the replacement of out Juniper SSG5 estate.  These are used for small remote sites some of which are connected via MPLS others via DSL circuits to the internet and then a VPN Tunnel.

Our main firewall estate is Check Point with the exception of these 26 sites which are SSG5's on the MPLS and Cisco 887's on the DSL sites. I wanted to have one product to cover both MPLS and DSL sites and the PoC contained CheckPoint 1430, Juniper SRX 320 and Fortinet 60E. Coming to the end of the PoC and Check Point is currently our favourite but I'm now looking at the ease of rolling these devices out into the field and also for an RMA process.

I've looked at Blink, CDT and Zero Touch. I believe for us the Blink would be the best option as Zero Touch wouldn't work for the DSL and CDT would require more hands on than Blink.  For MPLS Blink is fine but does anybody know if you are able to configure the DSL interface and credentials for the DSL service in the answer file? The VPN isn't an issue as we can present the management server to the DSL devices on the internet with a policy restricting the source of traffic just to the DSL static IP's.

I've looked at sk120193 and that doesn't have an awful lot that is configurable, is there a more detailed document that anybody knows of or is Blink limited in what can be entered into the answer file.

Thanks

Mark.

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
MVP Silver
MVP Silver
‎2019-03-04 05:28 AM
In response to Mark_Oldham
Jump to solution

A very good way to put SMB units into production is using autocanf,clish, see here USB First Time Config using autoconf.clish files  - How it works. As these are centrally managed devices, you only need a basic configuration for IPs, ISPs, SMS, Logserver etc.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

4 Replies
PhoneBoy
Admin
Admin
‎2019-03-01 07:29 PM
Jump to solution

Blink does not support the SMB appliances.

Zero Touch would be the right approach here.

As I believe you can configure DSL via the CLI, you should be able to code the appropriate commands into the CLI Script sent to the device.

0 Kudos
Mark_Oldham
Explorer
‎2019-03-02 12:14 PM
In response to PhoneBoy
Jump to solution

Thank you.

I thought that might be that case but its a shame as Blink looks like it could have been much more customisable with the answer file.

I'll take a more detailed look at Zero Touch on Monday then, hopefully I can get it working with the devices.

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2019-03-04 05:28 AM
In response to Mark_Oldham
Jump to solution

A very good way to put SMB units into production is using autocanf,clish, see here USB First Time Config using autoconf.clish files  - How it works. As these are centrally managed devices, you only need a basic configuration for IPs, ISPs, SMS, Logserver etc.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Mark_Oldham
Explorer
‎2019-03-05 02:09 AM
In response to G_W_Albrecht
Jump to solution

Thank you, I'll be sure to take a look at this option as well. I'm currently waiting for access to the Zero Touch Portal as my UC login details aren't working so I might look at the autoconf.clish option while I'm waiting.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events