This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Danny
Champion Champion
Champion
‎2019-03-19 04:07 AM
Jump to solution

New! R80.30 feature: Management Data Plane Separation (for gateways with 4+ cores)

rs1810300033.png

I really like the all new R80.30 feature for separating management from data traffic via

  • Routing Separation and
  • Resource Separation

as described in sk138672.

 

Did anyone test this already?

98 Replies
CarlosDias
Contributor
‎2023-09-11 01:48 AM
In response to Aviad_Hadarian
Jump to solution

Hi,

I am using an Open Server with 8 cores and release R81.10 and it does not activate.

 

0 Kudos
CarlosDias
Contributor
‎2023-09-11 02:48 AM
In response to Aviad_Hadarian
Jump to solution

Hi Aviad,

My question is that it makes sense to open a service request.

On sk138672 it refers only Quantum appliances. I am asking this question because on the Open Servers I can see that the commands exist, but maybe they do not work.

If the SK only refers Quantum appliances I am afraid that TAC closes the SR just saying that ...

But I don see any reason for this not be possible on Open Servers ...

 

0 Kudos
Aviad_Hadarian
Employee
Employee
‎2023-09-11 02:55 AM
In response to CarlosDias
Jump to solution

Hello @CarlosDias , MDPS is supported on GAiA platform, regardless if the hardware is physical or virtual.

0 Kudos
CarlosDias
Contributor
‎2023-09-15 04:00 AM
Jump to solution

I only need to separate routing.

1. Do I also need to activate resource separation?

2. Can the sync interface be the same as dplane? 

 

Regards

 

0 Kudos
Aviad_Hadarian
Employee
Employee
‎2023-09-17 10:27 PM
In response to CarlosDias
Jump to solution

1. No

2. The sync needs to be on mplane due to some ports that are opened on management plane

0 Kudos
CarlosDias
Contributor
‎2023-09-18 07:55 AM
In response to Aviad_Hadarian
Jump to solution

Hi,

Thanks for you answer.

I have a further question. Although I have separated management plane, I found the the gateways use an interface on dataplane to contact Checkpoint Services in order to check Contract. I am Using R81.10. Is this supposed to be like this?

I would prefer it also used management interface.

Thanks

0 Kudos
PhoneBoy
Admin
Admin
‎2023-09-18 08:34 AM
In response to CarlosDias
Jump to solution

The best practice is that dedicated management networks should be isolated (i.e. not connected to the Internet).
As the various Check Point services are hosted on the Internet, it doesn't make sense to use the management interface for this.
This is, therefore, expected behavior.

0 Kudos
CarlosDias
Contributor
‎2023-09-18 08:48 AM
In response to PhoneBoy
Jump to solution

OK Thanks a lot

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top