Table of Contents
Advertisement
Setting the Management Mode
The Home > Security Management page shows information for the management mode of the
Check Point Appliance. You can also test Internet Connectivity from this page.
To set the management type:
Select one of the options:
•
Locally - To manage the Check Point Appliance using the local web application (WebUI). Click
Apply and then Yes when asked to confirm.
•
Centrally - To manage the Check Point Appliance using the Security Management Server.
When centrally managed, it shows the trust status between the Check Point Appliance and the
Security Management Server. When a policy is prepared in SmartDashboard, you can fetch the
policy from this window.
Security Management Server
In this section you can view the status of the management connection, last policy installation,
adjust trust settings, and initialize a connection.
1. In the Security Management Server section, click Settings to adjust trust settings or Setup to
initialize a connection. The Welcome to the Security Management Server Configuration Wizard
shows.
2. Click Next. In the One Time Password (SIC) page, select an option for authenticating trusted
communication:
•
Initiate trusted communication securely by using a one-time password - The one-time
password is used to authenticate communication between the Check Point Appliance and
the Security Management Server in a secure manner.
Enter a one-time password and confirm it. This password is only used to establish the
initial trust. When established, trust is based on security certificates.
Important - This password must be identical to the Secure Communication
authentication one-time password configured for the Check Point Appliance object in the
SmartDashboard of the Security Management Server.
•
Initiate trusted communication without authentication (not secure) - Select this option only
if you are sure that there is no risk of imposture (for example, when in a lab setting).
3. Click Next. In the Security Management Server Connection page, select a connection method:
•
To connect to the Security Management Server now, select Connect to the Security
Management Server now, enter the Security Management Server IP or name and click
Connect. When you successfully connect to the Security Management Server, the security
policy is automatically fetched and installed.
If the Security Management Server is deployed behind a 3rd party NAT device, select
Always use this IP address and manually enter the IP address the appliance used to to
reach the Security Management Server. This IP address overrides, from this point on, the
automatic calculating mechanism that determines the routeable IP address of the Security
Management Server for each appliance.
If trust was established but the gateway could not fetch the policy, you can investigate the
issue with the Security Management Server administrator. When the issue is resolved, click
the Fetch Policy button that shows instead of the Connect button.
Check Point 1100/1200R/1400 Appliances Centrally Managed Administration Guide R77.20.75
Appliance Configuration
|
46
Advertisement
Table of Contents
