we have recently deployed a pair of checkpoint FW running VSX R76 and created 1 single VS firewall (basic migrating things as is).
We would like to split this existing single VS firewall into 2 VS firewalls. I thought it would be a simple change: creating a new VS firewall, using the route propagation using a virtual switch, ... our service providers is trying to convince me "this cant be done": routing would not be possible, it woudl require significant downtime, and various physical intervention.
You guess I'm doubtfull ...
Anyone went down the path of splitting its firewall on VSX ?