This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Dario_Perez
Employee Employee
Employee
‎2025-07-01 06:57 AM

Hi

First of all, maestro is a solution composed by orchestrador and Security Gateway Modules SGM, so you have dual orchestrator, you manage each orchestrator via Mgmt1 and Mgmt2 rear panel. each orchestrator have their own ip-address it does mean orchestrator 1 IP 10.10.10.1/24 orchestrator 2 10.10.10.2/24.
Now for Security group, when you create the security Group you have add management interfaces eth1-Mgmt1 (orchestator1) and eth2-Mgmt1(ochestrator2) both should be in management bond no traffic bond. we recommend to bond them for redundancy. And yes you can use the same subnet like 10.10.10.3/24 

 

If you have dual site, site 2 must be a mirror of site 1. 

I recommend to check Jump Start videos Check Point Jump Start Course: Maestro - Check Point CheckMates

and engage check Point IGS (Professional Services) contact your local SE

0 Kudos
(1)
Who rated this post