Security Management and Multi-Domain Security Management (Provider-1) delivers more security and control by segmenting your security management into multiple virtual domains. Businesses of all sizes can easily create virtual domains based on geography, business unit or security function to strengthen security and simplify management.
BenefitsSimplified management and provisioning of security in complex environments
- Increase flexibility with granular role-based administration
- Centralize security management while preserving the independence of domains
- Segment security management based on location, business unit, security function
- Single configuration for VPN, firewall, IPS and other protections
- Create, view and control all management domains from a single console
- Global Policy Software Blade enforces common security baseline across domains
- Transition to multi-domain management for as little as $1500 per Software Blade
- Activate multi-domain management on any management server
- Supported systems include: Smart-1 Appliances, IAS Appliances or open servers
Convert an existing security management environment into a multi-domain security management environment by simply adding Check Point Multi-Domain Management Software Blades.
Segregate complex management environments into multiple domains. Each management domain is an independent security management environment with a separate database, log server and its own set of security policies.
Create, view and control all management domains from a single, centralized console. Launch Check Point SmartConsole applications such as SmartDashboard and SmartView Tracker seamlessly for each management domain. Assign global policies to different management domains and create and manage administrators and Graphical User Interface (GUI) clients.
Multi-Domain GUI – comprehensive view of all networks and policies
Separate certificate authorities for each management domain and the multi-domain system ensure secure and private communications between gateways and their management domains, and between management domains and the multi-domain system.
Trusted Communication Between Multi-domain Systems and Related Applications
The Check Point SIC protocol secures all communication between the multi-domain system and respective multi-domain components and servers. The SIC protocol also secures communication and administrative authentication between multi-domain components and SmartConsole applications.
Define templates for global security rules and assign them to multiple domains. Global security policy can be assigned to all managed domains or just to a select group of domains.
Define shared objects at a central location and deploy them globally across multiple domains.
Global VPN Policy
Define and manage VPN communities across multiple domains from a central location.
Global IPS Policy
Define and manage IPS policies across multiple domains from a central location.
Cross-domain Objects Search
Search for network objects across multiple management domains.
Create and centrally manage multiple administrators for multi-domain management environments. Administrators can be assigned to specific domains and multiple administrators can be allowed to work on different management domains simultaneously.
Hierarchical Administrator Role Support
Give administrators permission to manage specific domains or different aspects of the multi-domain system.
Access for Multiple Simultaneous Administrators
Allow multiple administrators to work on different management domains simultaneously.
Multiple Authentication Methods for Administrators
Choose internal certificate authority or external third-party systems, such as RADIUS, TACACS, and RSA, for administrator authentication.
Collect and store security gateway logs for each domain in a separate, independent log server.
Multi-domain Log Module Support
Store critical management activity logs separately from traffic logs with an optional dedicated multi-domain server.
Domain for Log Server Support
Optional dedicated domain for log collection and storage, allowing separation of critical domain management activities from logging activities.
Synchronize multi-domain management databases (MDS database, global policy and ICA database) between multiple multi-domain servers. Backup your virtual management domain using standard security management.
Synchronize domain databases between many multi-domain servers.
Export/Import of Multi-domain System and Domains
Export and import entire multi-domain systems, or a specific domain, for maximum backup and recovery options.
The Multi-Domain and Global Policy Software Blades are integrated into the Software Blade Architecture. It can be easily and rapidly activated on existing Check Point security management servers saving time and reducing costs by leveraging existing security infrastructure.
|CPU||Intel Pentium Processor E2140 or 2 GHz equivalent processor||UltraSPARC III 900MHz||Intel Pentium Processor E2140 or 2 GHz equivalent processor|
|Disk Space||2GB||2GB||10GB (install includes OS)|
|CD-ROM Drive||Yes||Yes||Yes (bootable)|
|CPU||Intel Pentium Processor E2140 or 2 GHz equivalent processor|
|Video Adapter||Minimum resolution: 1024 x 768|