DanielBe46
Explorer

Where can I obtain a SIC to access my CloudGuard on AWS?

Hello,

 

I have deployed a "CloudGuard Network Security Next-Gen Firewall with Threat Prevention" instance in my AWS cloud account.

I have connected to it via https:// and logged in to the instance.

I am redirected to some initial setup window that requires that I enter something called SIC activation key.

I wanted to know where I can obtain this in order to proceed with my deployment.

 

Thanks in advance,

Daniel


Accepted Solutions
the_rock
Legend

You can enter anything there, min 4 characters. SIC will be needed as a one-time key to establish communication between mgmt and firewall. It's encrypted and not saved anywhere.

Best,

Andy

6 Replies
_Val_
Admin

You need to create one on your management server. Please follow the deployment guide for your installation.

DanielBe46
Explorer

Thanks, this has resolved my issue.

the_rock
Legend

Glad we can help. Just remember this; most people are aware, but there might be some who are not. If you reset SIC on the gateway via the cpconfig menu, it will load the initial policy, which would pretty much block anything except SSH and the web UI (if on port 443; any other port would be blocked), until you apply the actual policy from the mgmt server, after you establish SIC again.

Best,

Andy

DanielBe46
Explorer

Hi the_rock,

 

Thanks for the information.

Is there any reason for me to change this SIC via cpconfig menu? Is it not recommended to keep the same SIC in the long term?

 

Thanks in advance,

Daniel

the_rock
Legend

Not really... the ONLY reason would be if SIC was broken (you could see that from the object in SmartConsole; it would probably give an error during policy push), but that only happens if communication with mgmt was broken.

Put it this way: if policy works, no need to touch SIC. As I mentioned, the SIC key is a one-time key that's encrypted and not saved anywhere, simply needed for mgmt <-> fw communication on port 18209.

SIC key can be anything... 1234, abcd, planetearth, homersimpson, adamsfamily... you get the idea, makes no difference. As you did yesterday, you type the same thing on the gateway, then in SmartConsole for the object representing the fw, push policy, done. NO need to touch SIC ever again unless communication broke.

Makes sense?

Best,

Andy
