Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
PhoneBoy
Admin
Admin

Moving Security Management to the Cloud: Video, Slides, and Q&A

Learn how to move security management to the cloud with Smart-1 Cloud!

Have you ever wondered what it would be like to manage your on-premises and virtual gateways from the cloud? Via a web browser? With the best access control and threat prevention platform that can keep pace with the latest security, handle rapid growth and effectively manage maintenance? In this session, you'll hear from @Anat_Eytan-Davi@Amir_Jaron, and @Guy_Israeli 

Content available to CheckMates members:

Selected Q&A asked during the session will be posted in the comments.
Excerpt of the session below.

 

1 Reply
PhoneBoy
Admin
Admin

Will endpoint and firewall both be supported on the same console on the cloud to allow logs and reporting to be true single pane of glass?
This is planned, yes.

How you migrate your existing management to Smart-1 Cloud?
This can be done via the Infinity Portal. You can upload the exported database and get your env ready on the cloud.

Are there plans to support this as a secondary management station, or as a primary with an on-prem secondary management?
The solution provides 99.9% availability, there is no need for additional management HA. Secondary on-prem is not supported.

Is GuiDBEdit supported?
Yes, through a support ticket.

How do we handle any files that require manual editing like *.ttm files?
While you cannot edit these files directly, they can be edited through a support ticket.

What is the best way to size this appropriately for a client?
You do not have to size it up at all. We will do it for you seamlessly.

What connectivity is required between gateways and Smart-1 Cloud management?
Outbound HTTPS (port 443).

What if the cloud or the internet to the cloud goes down?
Gateways will continue to operate as usual and log locally. Logs will stream back to the management once connectivity to Smart-1 Cloud is restored.

I need the logs in my on premise SIEM. Is this supported?
This functionality is available at extra cost, yes.

What gateway versions are supported (in general)?
We support gateways running R80.10 and above with latest Jumbo HF, including SMB appliances running R80.20+.

Are there plans to support SMB 1400 series gateways with Smart-1 Cloud?
No, this

Does the Smart-1 Cloud provide cloud log storage? If so, what are the size options?
Each package includes a certain amount of log storage. You can buy additional storage as required.

Is there an evaluation to test the functionality?
We provide a 30 day trial via the Infinity Portal.

Can one restrict source IPs that can access the Smart-1 Cloud?
We don’t restrict by IP but we support MFA based on your Infinity Portal configuration.

Does Smart-1 Cloud use a real full web-based SmartConsole or some kind of a stream of a remote app?
Right now we are streaming SmartConsole, but the plan is to make it fully native.

Autoscaling support?
You don’t need to handle your management scale, you can send more logs and connect more gateways. The service takes care of that automatically.

How do I delete a Smart-1 Cloud Instance?
Currently account termination is done via support, this option will be supported soon. You can always create new accounts if you need a fresh environment.

Will we have the same SmartConsole in Web browser with on-prem management solutions?
We are planning a web-based version of SmartConsole for on-prem management as well.

Does the Smart-1 Cloud support MDS deployment?
Smart-1 Cloud support multi-tenanacy with ability to manage different customers. We don't support MDM in the sense of global rules and objects.

What about backups? Managed by Check Point?
Correct, we are taking care for all maintenance.

Using this SMART-1 Cloud, can I control my AutoScale Gateways running in AWS/Azure/GCP?
Yes, this is supported.

Can we transfer an existing management license to Smart-1 Cloud?
No, but there may be other options. Work with your local Check Point office.

Do we have a choice when to upgrade to next release?
We will coordinate with each customer regarding the upgrade date, but we aim to upgrade right after the new version release so customers can enjoy all new features

How does the Smart-1 Cloud translate to licensing/costing?
Pricing is based on number/type of gateways managed with add-ons available for additional log storage or export of logs to a SIEM. 

Is SIC between Smart1-Cloud and on-prem gateways handled over HTTPS port 443?
Yes, all the usual traffic between a gateway and management are tunneled over an HTTPS connection.

Are the same API commands we use on premise are available in Smart-1 Cloud?
Yes.

What is the maximum number of GW managed from the cloud?
We currently have a soft limit of 100 per account. You can create additional accounts to management more. If you still need more than 100 per account, please contact us.

Is SmartEvent part of solution?
SmartEvent is included, but requires an additional license.

Can I have a log server from the Check Point Cloud if I want just to send the logs to the cloud and keep the configuration on-prem?
You will be able to that, this feature is currently in EA, please contact us.

Where is Smart-1 Cloud hosted?
It is in two regions, currently: Europe and US. Customer can choose between them. Other regions will be provided in the future.

Any Identity Awareness limitations with Smart-1 Cloud? ID Collector/Broker locations?
The only requirement is for using AD role in the policy, the service needs to use the gateway as proxy for the local AD server.

0 Kudos