Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
MtxMan
Contributor
Jump to solution

Standalone Firewall Question

Checkmates,

I have some question from my customer but i dont get any detail information, so thats why i ask here..

 

  1. If customer only use standalone firewall, is it possible without dedicated management, customer get smartview or smartevent capabilities? If so, how the renewal license about it?
  2. When next year customer want add management also additional 1 firewall for HA, can i do backup existing configuration on standalone fw and restore it to management? Or what i need to do is create from scratch?
  3. What happen if customer only buy Mobile Access license only for active device? It will impact to Cluster configuration or not?

Thankyou..

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

SmartView is just basic log viewing capabilities which is be supported.
SmartEvent will require an additional license and will increase load on the standalone gateway if you run it there.

You can migrate your standalone configuration to distributed using the following procedure: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

All cluster members are required to have the exact same licenses.
This includes add-ons like Mobile Access Blade.

View solution in original post

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee

Sounds like a good fit for Smart-1 Cloud.

Each gateway in the cluster requires its own mobile access license.

CCSM R77/R80/ELITE
0 Kudos
the_rock
Legend
Legend

I will answer them to the best of my knowledge : - )

If customer only use standalone firewall, is it possible without dedicated management, customer get smartview or smartevent capabilities? If so, how the renewal license about it?

Yes, you can use it as smart event, since it would have management piece, but it would not be dedicated smart event server, though would serve smart event capabilities (you could generate custom reports). Smartview is included in management piece by default. Licensing would work same as regular management, but for standalone, it would have to have both parts (fw and mgmt)

When next year customer want add management also additional 1 firewall for HA, can i do backup existing configuration on standalone fw and restore it to management? Or what i need to do is create from scratch?

I would not recommend full HA config at all (2 standalone in a cluster). I can only speak for myself, but I can tell you in my 15 years dealing with CP, I had that scenario 4-5 times with customers and EVERY single time there was an issue, we had to rebuild it from scratch. Reason is, its very difficult to fix clustering part, because its not just cluster HA for the gateways, you also have mgmt portion and it can take hours/days to fix it when it breaks.

What happen if customer only buy Mobile Access license only for active device? It will impact to Cluster configuration or not?

Yes, it would impact it, because it would not work in a failover. License has to exist on all the members.

0 Kudos
PhoneBoy
Admin
Admin

SmartView is just basic log viewing capabilities which is be supported.
SmartEvent will require an additional license and will increase load on the standalone gateway if you run it there.

You can migrate your standalone configuration to distributed using the following procedure: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

All cluster members are required to have the exact same licenses.
This includes add-ons like Mobile Access Blade.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events