5. NGFW for small businesses. Cloud SMP management

Greetings to readers, in our series of articles, which is dedicated to Check Point SMB, namely the 1500 series model range. In the first part, I mentioned the possibility of managing your SMB series NGFWs using the Security Management Portal (SMP) cloud service. Finally, it’s time to talk about it in more detail, to show the available options and administration tools. For those who have just joined us, let me remind you of the previously discussed topics: initialization and configuration, organization of wireless traffic transmission (WiFi and LTE), VPN

SMP is a centralized portal for managing your SMB devices, including a web interface and tools to administer up to 5,000 devices. The following Check Point model series are supported: 600, 700, 910, 1100, 1200R, 1400, 1500.

First, let’s describe the advantages of such a solution:

  1. Centralized infrastructure maintenance. Thanks to the cloud portal, you can deploy policies, apply settings, study events – regardless of your location and the number of NGFWs in the organization.
  2. Scalability and efficiency. By purchasing an SMP solution, you take an active subscription with support for up to 5000 NGFW, this will make it easy to add new nodes to the infrastructure, providing dynamic communication between them thanks to VPN.

More details about licensing options can be found in the SMP documentation, there are two options:

  • Cloud Hosted SMP. The management server is hosted in the Check Point cloud, support for up to 50 gateways is available.
  • On-Premise SMP. The management server is hosted in the customer’s cloud solution, support for up to 5000 gateways is available.

Let’s add one important feature, in our opinion, when purchasing any model from the 1500-series, one SMP license is included in the package. Thus, by purchasing a new generation of SMB, you will have access to cloud management at no additional cost.

Practical use

After a short introduction, let’s move on to a practical acquaintance with the solution, at the moment the demo version of the portal is available upon request to the local Check Point office. Initially, you will be greeted by an authorization window, where you will need to specify: domain, username, password

The address of the deployed SMP portal is indicated as the domain, if you purchase it with a “Cloud Hosted SMP” subscription, then to deploy a new one, you must send a request by clicking on the “New Domain Request” button (consideration period up to 3 days).

Next, the main portal page is displayed with statistics about managed gateways and available options from the menu.

Let’s consider each tab separately, briefly describing its capabilities.

Map

The section allows you to track the location of your NGFW, view its status or go to its direct settings.

Gateways

The table that includes managed SMB gateways from your infrastructure contains information: gateway name, model, OS version, policy profile.

Plans

The section contains a list of profiles, with a display of the status of the installed Blades on them, where you can select access rights for making changes to the configuration (individual policies can be configured only locally).

If you go to the settings of a specific profile, then you can access the complete configuration of your NGFW.

The Security Software Blades part is dedicated to configuring each of the NGFW blades, in particular:
Firewall, Applications and URLs, IPS, Anti-Virus, Anti-Spam, QoS, Remote Access, Site-to-Site VPN, User Awareness, Anti-Bot, Threat Emulation, Threat Prevention, SSL Inspection.

Note the possibility to configure CLI scripts that will be automatically applied to the gateways that are specified in Plans-> Profile. With their help, you can set separate identical settings (date / time, access passwords, work with SNMP monitoring protocols, etc.)

We will not dwell on specific settings in detail, this was covered earlier, there is also a course Check Point Getting Started

Logs

One of the advantages of using SMP is to centrally view the logs of your SMB gateways, access can be obtained by going to Logs → Gateway Logs.

In the filter, you can set a specific gateway, specify the source or destination address, etc. In general, working with logs is identical to viewing in the Smart Console, flexibility and information content is preserved.

Cyber ​​Views

The section contains statistics in the form of reports on the latest security events, they allow you to quickly organize logs and present useful infographics:

General conclusions

Thus, SMP is a modern portal that combines an intuitive interface and deep capabilities in terms of administering your NGFW solutions of the SMB family. Let’s note once again its main advantages:

  1. Remote control up to 5000 NGFW.
  2. Maintenance of the portal by Check Point specialists (in the case of Cloud Hosted SMP subscription).
  3. Information content and structured data about your infrastructure in one tool.

A large selection of materials on Check Point from TS Solution. Stay tuned (Telegram, Facebook, VK, TS Solution Blog, Yandex Zen).

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *