Scale with up to 13 clustered gateways with Virtual System Load Sharing (VSLS) technology
Each Virtual System has a separate policy and security feature set that is completely customizable
Deploy separate virtual systems on one physical security appliance
Check Point Virtual Systems enable organizations to consolidate their infrastructure by creating multiple virtualized security gateways on a single hardware device, delivering deep cost savings, seamless security and infrastructure consolidation.
The ability to tailor security policies for each virtual security system enables administrators to break down large, complex network security policies into smaller, more granular and more manageable policies. Customizing security policies based on business requirements minimizes the complexity and creates better security practices to meet demanding business needs.
Virtual Systems is a solution for large-scale environments such as large enterprises, data centers and Managed Service Providers (MSP). In MSP environments, Virtual Systems consolidates hardware for the service provider and ensures end user privacy because applications and services are separated by discrete Virtual Systems. Using Check Point Multi-Domain Server, MSPs can assign discrete management access to assigned Virtual Systems within that domain.
Virtual Systems can be deployed in layer-2 bridge mode and can co-exist with layer-3 Virtual Systems on the same VS Gateway. This allows network administrators to easily and transparently deploy a Virtual System in an existing network topology without reconfiguring the existing IP routing scheme.
Virtual Systems can be deployed on multiple Next-Gen Firewall gateways or in a Hyperscale network security solution using Check Point high-performance technologies, ensuring secure, resilient, multi-gigabit throughput.
Virtual System Load Sharing (VSLS) distributes traffic load across multiple cluster members. Cluster members effectively share the virtual system traffic load, providing higher throughput, connection capacity, high availability and linear scalability.
Resource Control allows administrators to manage the processing load by guaranteeing that each virtual system will receive only the memory and CPU allocation it needs to deliver its functions. Administrators can assign more capacity to mission-critical virtual systems.
Virtual Routing and Forwarding technology enables the creation of multiple, independent routing domains on a single Virtual System Gateway or Cluster.
When traffic arrives at a Virtual System Gateway, traffic is directed to the appropriate Virtual System, Virtual Router or Virtual Switch based upon the virtual network topology and the connectivity of the Virtual Devices.
Each Virtual System has its own security policy and maintains its own unique configuration and rules for processing and forwarding traffic to its final destination. This configuration also includes definitions and rules for NAT, VPN and other advanced features.
Zero Trust security is about having the ability to “Divide and Rule” your network in order to reduce the risk of lateral movement.
Check Point Network Firewalls enable you to create granular network segmentation across public/private cloud and LAN environments. With detailed visibility into the users, groups, applications, machines and connection types on your network, they allow you to set and enforce a “Least Privileged” access policy. So, only the right users and devices can access your protected assets.