ElasticXL is a new cluster technology that enables simplified operation with a single management object with automatic configuration and software synchronisation between all cluster members.
ElasticXL is expected to be delivered with R82 or later versions. ElasticXL is based on similar technology to Maestro, but without MHOs. It is based on Check Point's SP versions for a scalable platform that allows you to increase the performance of the security gateways almost linearly.
I have tested it with the R82 EA version.
You can find more information about ElasticXL in this article: R82 ElasticXL
Install first ElasticXL gateway
|
1) Run the GAIA installation wizard on the appliance and select "ElasticXL" for clustering.
If you want to use VSNext (replacement for the classic VSX), click the checkbox "Install as VSNext".
2) Assign a SIC one-time password.
3) After installation, you will find the ElasticXL Gateway under the "Cluster Management" menu item.
4) Create a new gateway object (not CLusterXL object) in the SmartConsole.
5) Now establish a SIC connection to the ElasticXL gateway IP from the SmartDashboard.
6) Afterwards, install a policy on the gateway.
Add more ElasticXL gateways to the cluster.
|
1) Wire the next appliances via the switch infrastructure so that all sync interfaces are connected to same network.
Normally the ElasticXl sync interface is the eth1 interface.
2) Start the appliance and do not run the installation wizard.
3) Log in to the appliance via console cable or via LOM interface.
You are now in the gclish (global clish). Execute the following command:
g> show cluster member info
Copy the "Request ID" to the clipboard or to a text file.
4) Open a SSH session to the previously installed appliance and add the appliance with the following command in the gclish:
g> add cluster member method request-id identifier 5aac9e10de7cd0e34cdf7fa368076b37 site-id 1 format json
5) The appliance should be installed automatically after approx. 5 minutes.
The access policy is automatically synchronised by the first ElasticXL gateway (SMO).
6) Both gateways should now be shown in the GAIA portal under the side 1.
7) Open an SSH session on the first gateway and check if the ElasticXL cluster is working.
You can check this with the following command in the expert mode:
# asg monitor
➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips