Multi-Domain Security Management

Security Management and Multi-Domain Security Management (Provider-1) delivers more security and control by segmenting your security management into multiple virtual domains. Businesses of all sizes can easily create virtual domains based on geography, business unit or security function to strengthen security and simplify management.

Benefits
Features
Specifications

Simplified management and provisioning of security in complex environments

Increase flexibility with granular role-based administration
Centralize security management while preserving the independence of domains
Segment security management based on location, business unit, security function

Stronger security with consistent global policies

Single configuration for VPN, firewall, IPS and other protections
Create, view and control all management domains from a single console
Global Policy Software Blade enforces common security baseline across domains

Integrated into Check Point Software Blade Architecture

Transition to multi-domain management for as little as $1500 per Software Blade
Activate multi-domain management on any management server
Supported systems include: Smart-1, IAS Appliances or open servers

Transition Seamlessly from Single to Multi-Domain IP Security Management

Convert an existing security management environment into a multi-domain security management environment by simply adding Check Point Multi-Domain Management Software Blades.

Example:

Multi-Domain Security Management

Multi-Domain, Multi-Policy Management

Segregate complex management environments into multiple domains. Each management domain is an independent security management environment with a separate database, log server and its own set of security policies.

Multi-domain Dashboard
Create, view and control all management domains from a single, centralized console. Launch Check Point SmartConsole applications such as SmartDashboard and SmartView Tracker seamlessly for each management domain. Assign global policies to different management domains and create and manage administrators and Graphical User Interface (GUI) clients.

Multi-Domain Management GUI Console

Multi-Domain GUI - comprehensive view of all networks and policies

Secure Communications for All Multi-Domain Components

Separate certificate authorities for each management domain and the multi-domain system ensure secure and private communications between gateways and their management domains, and between management domains and the multi-domain system.

Trusted Communication Between Multi-domain Systems and Related Applications
The Check Point SIC protocol secures all communication between the multi-domain system and respective multi-domain components and servers. The SIC protocol also secures communication and administrative authentication between multi-domain components and SmartConsole applications.

Global Policy

Define templates for global security rules and assign them to multiple domains. Global security policy can be assigned to all managed domains or just to a select group of domains.

Define templates for global security rules and assign them to multiple domains. Global security policy can be assigned to all managed domains or just to a select group of domains.

Global Objects
Define shared objects at a central location and deploy them globally across multiple domains.

Global VPN Policy
Define and manage VPN communities across multiple domains from a central location.

Global IPS Policy
Define and manage IPS policies across multiple domains from a central location.

Cross-domain Objects Search
Search for network objects across multiple management domains.

Granular Administrator Controls

Create and centrally manage multiple administrators for multi-domain management environments. Administrators can be assigned to specific domains and multiple administrators can be allowed to work on different management domains simultaneously.

Hierarchical Administrator Role Support
Give administrators permission to manage specific domains or different aspects of the multi-domain system.

Access for Multiple Simultaneous Administrators
Allow multiple administrators to work on different management domains simultaneously.

Multiple Authentication Methods for Administrators
Choose internal certificate authority or external third-party systems, such as RADIUS, TACACS, and RSA, for administrator authentication.

Centralized Monitoring

Monitor all multi-domain system components (domains, global policy, administrators, etc.) and gateways from a central location.

Domain-Independent Log Server

Collect and store security gateway logs for each domain in a separate, independent log server.

Collect and store security gateway logs for each domain in a separate, independent log server.

Multi-domain Log Module Support
Store critical management activity logs separately from traffic logs with an optional dedicated multi-domain server.

Domain for Log Server Support
Optional dedicated domain for log collection and storage, allowing separation of critical domain management activities from logging activities.

Redundancy & Backup

Synchronize multi-domain management databases (MDS database, global policy and ICA database) between multiple multi-domain servers. Backup your virtual management domain using standard security management.

Domain High-availability
Synchronize domain databases between many multi-domain servers.

Export/Import of Multi-domain System and Domains
Export and import entire multi-domain systems, or a specific domain, for maximum backup and recovery options.

Integrated into Check Point Software Blade Architecture

The Multi-Domain and Global Policy Software Blades are fully integrated into the Software Blade Architecture, saving time and reducing costs by allowing customers to quickly expand security protections to meet changing requirements.

The Multi-Domain and Global Policy Software Blades are integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point security management servers saving time and reducing costs by leveraging existing security infrastructure.

Multi-Domain Security Management Server Requirements

Component	Linux	Solaris	SecurePlatform
CPU	Intel Pentium Processor E2140 or 2 GHz equivalent processor	UltraSPARC III 900MHz	Intel Pentium Processor E2140 or 2 GHz equivalent processor
Memory	4GB	4GB	4GB
Disk Space	2GB	2GB	10GB (install includes OS)
CD-ROM Drive	Yes	Yes	Yes (bootable)

Multi-Domain Security Console Hardware Requirements

Component	Windows
CPU	Intel Pentium Processor E2140 or 2 GHz equivalent processor
Memory	512MB
Disk Space	500MB
Video Adapter	Minimum resolution: 1024 x 768

We'd Like to Help!

Call US Sales 1-866-488-6691
Contact Us
Find a Reseller

Products A-Z
- Appliances
- Appliances Overview
- 2200 Appliances
- 4000 Appliances
- 12000 Appliances
- 21000 Appliance
- 61000 Security System
- DDoS Protector Appliances
- SecurityPower
- Secure Web Gateway Appliance
- Threat Prevention Appliance
- Series 80
- UTM-1 Edge
- IP Appliances
- Virtual Systems
- Safe@Office
- Smart-1
- Smart-1 SmartEvent
- Integrated Appliance Solution
- IAS Bladed Hardware
- Software Blades
- Software Blades Overview
- Security Gateway
- Firewall
- IPSec VPN
- IPS
- Mobile Access
- Application Control
- Identity Awareness
- DLP
- Web Security
- URL Filtering
- Anti-Bot
- Antivirus
- Anti-Spam & Email Security
- Advanced Networking & Clustering
- Voice over IP (VoIP)
- Threat Prevention
- ThreatCloud™
- Security Management
- Compliance
- Network Policy Management
- Endpoint Policy Management
- Logging & Status
- SmartWorkflow
- Monitoring
- Management Portal
- User Directory
- SmartProvisioning
- SmartReporter
- SmartEvent
- Multi-Domain Security Management
- Virtualization Security
- Security Gateway Virtual Edition
- Cloud Security
- Virtual Appliance for Amazon Web Services
- Security Systems
- Security Systems Overview
- Endpoint Security
- Endpoint Security
- Full Disk Encryption
- Media Encryption
- Anti-Malware & Program Control
- Remote Access VPN
- Firewall & Compliance
- Check Point WebCheck
- Check Point GO
- Solutions
- Remote Access
- Consumer Products
- ZoneAlarm Antivirus
- ZoneAlarm ForceField
- ZoneAlarm Internet Security Suite

Resources

Smart-1 Security Management Appliances

Security Management Software Blades