Table of Contents
Advertisement
Installing a Security Policy
Use this procedure to prepare the policy for automatic installation when the gateway connects.
Note - If the Check Point Appliance is physically set up and configured, when you successfully
complete this step, the policy is pushed to the gateway. For a list of possible statuses, see Viewing
the Policy Installation Status (on page 19).
At the end of the Install Policy process, the policy status for a Check Point Appliance that is not yet
set up is "waiting for first connection." This implies that trusted communication is not yet
established between the Security Management Server and the Check Point Appliance. When the
gateway connects it establishes trust and attempts to install the policy automatically.
To install a security policy:
1. Click Policy > Install from the menu.
The Install Policy window opens.
2. Select the installation targets - the Check Point Appliance Security Gateways on which to
install the policy and the policy components (such as Network Security or QoS).
By default, all gateways that are managed by the Security Management Server are available for
selection.
3. In the Installation Mode section, select how the Security Policy should be installed:
•
On each selected gateway independently
•
On all selected gateways, if it fails do not install on gateways of the same version
4. Click OK.
The Installation Process window shows the status of the Network Security Policy for the
selected target.
Important - If the Check Point Appliance object is defined by the appliance is not set up
and it is in the "Waiting for first connection status", you see a message that says
"Installation completed successfully". This means that the policy is successfully prepared
for installation.
Continue tracking the status of the Security Policy installation with the Policy Installation and
the status bar
("Viewing the Policy Installation
Viewing the Policy Installation Status
You can see the installation status of managed gateways with the status bar that shows at the
bottom of the SmartDashboard window. The status bar shows how many gateways are in Pending
or Failed mode.
•
Pending - gateways that are in the waiting for first connection status or are in the pending
status (see below for detailed explanations).
•
Failed - gateways that have failed to install the policy.
The status bar is updated dynamically each time a gateway tries to install a policy or tries to
connect to the Security Management Server. The results of these actions are also shown in
SmartDashboard popup notification balloons when such events occur. You can configure these
notifications.
To monitor the status of the last policy installed on each gateway, you can use the Policy
Installation Status window.
Check Point 1100/1200R/1400 Appliances Centrally Managed Administration Guide R77.20.70
Status" on page 19).
Installation
|
25
Advertisement
Table of Contents
