Multi-Domain Security Management

Security Management and Multi-Domain Security Management (Provider-1) delivers more security and control by segmenting your security management into multiple virtual domains. Businesses of all sizes can easily create virtual domains based on geography, business unit or security function to strengthen security and simplify management.

0/5 (0 Reviews)


Simplified management and provisioning of security in complex environments

  • Increase flexibility with granular role-based administration
  • Centralize security management while preserving the independence of domains
  • Segment security management based on location, business unit, security function

Stronger security with consistent global policies

  • Single configuration for VPN, firewall, IPS and other protections
  • Create, view and control all management domains from a single console
  • Global Policy Software Blade enforces common security baseline across domains

Integrated into Check Point Software Blade Architecture

  • Transition to multi-domain management for as little as $1500 per Software Blade
  • Activate multi-domain management on any management server
  • Supported systems include: Smart-1 Appliances, IAS Appliances or open servers

With Check Point, there’s a trust factor in the industry, we don’t have to go back and forth about our security posture for our firewalls; this saves us days with each audit.

Ryan Leonard

Director of Production Engineering




Transition Seamlessly from Single to Multi-Domain IP Security Management

Convert an existing security management environment into a multi-domain security management environment by simply adding Check Point Multi-Domain Management Software Blades.



Secure Communications for All Multi-Domain Components

Separate certificate authorities for each management domain and the multi-domain system ensure secure and private communications between gateways and their management domains, and between management domains and the multi-domain system.

Trusted Communication Between Multi-domain Systems and Related Applications
The Check Point SIC protocol secures all communication between the multi-domain system and respective multi-domain components and servers. The SIC protocol also secures communication and administrative authentication between multi-domain components and SmartConsole applications.

Granular Administrator Controls

Create and centrally manage multiple administrators for multi-domain management environments. Administrators can be assigned to specific domains and multiple administrators can be allowed to work on different management domains simultaneously.

  • Hierarchical Administrator Role Support – Give administrators permission to manage specific domains or different aspects of the multi-domain system.
  • Access for Multiple Simultaneous Administrators – Allow multiple administrators to work on different management domains simultaneously.
  • Multiple Authentication Methods for Administrators – Choose internal certificate authority or external third-party systems, such as RADIUS, TACACS, and RSA, for administrator authentication.

Domain-Independent Log Server

Collect and store security gateway logs for each domain in a separate, independent log server.

  • Multi-domain Log Module Support – Store critical management activity logs separately from traffic logs with an optional dedicated multi-domain server.
  • Domain for Log Server Support – Optional dedicated domain for log collection and storage, allowing separation of critical domain management activities from logging activities.

Multi-Domain, Multi-Policy Management

Segregate complex management environments into multiple domains. Each management domain is an independent security management environment with a separate database, log server and its own set of security policies.

Multi-domain Dashboard
Create, view and control all management domains from a single, centralized console. Launch Check Point SmartConsole applications such as SmartDashboard and SmartView Tracker seamlessly for each management domain. Assign global policies to different management domains and create and manage administrators and Graphical User Interface (GUI) clients.


Multi-Domain GUI – comprehensive view of all networks and policies

Centralized Monitoring

Monitor all multi-domain system components (domains, global policy, administrators, etc.) and gateways from a central location.

Global Policy

Define templates for global security rules and assign them to multiple domains. Global security policy can be assigned to all managed domains or just to a select group of domains.

  • Global Objects – Define shared objects at a central location and deploy them globally across multiple domains.
  • Global VPN Policy – Define and manage VPN communities across multiple domains from a central location.
  • Global IPS Policy – Define and manage IPS policies across multiple domains from a central location.
  • Cross-domain Objects Search – Search for network objects across multiple management domains.

Redundancy & Backup

Synchronize multi-domain management databases (MDS database, global policy and ICA database) between multiple multi-domain servers. Backup your virtual management domain using standard security management.

Domain High-availability
Synchronize domain databases between many multi-domain servers.

Export/Import of Multi-domain System and Domains
Export and import entire multi-domain systems, or a specific domain, for maximum backup and recovery options.

Learn More


Component Linux Solaris SecurePlatform
CPU Intel Pentium Processor E2140 or 2 GHz equivalent processorUltraSPARC III 900MHzIntel Pentium Processor E2140 or 2 GHz equivalent processor
Memory 4GB4GB4GB
Disk Space 2GB2GB10GB (install includes OS)
CD-ROM DriveYesYesYes (bootable)

Component Windows
CPU Intel Pentium Processor E2140 or 2 GHz equivalent processor
Memory 512MB
Disk Space 500MB
Video Adapter Minimum resolution: 1024 x 768

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO