Technical data
Introduction to VSX
Check Point VSX Administration Guide NGX R67 | 13
VSX QoS Enforcement provides the ability to control network quality of service in the VSX network
environment by supporting the Differentiated Services (DiffServe) protocol and assigning different
transmission characteristics to different classes of service.
Non-Stop Security
VSX supports the Check Point ClusterXL technology as well as third-party cluster solutions, such as
Crossbeam, to guarantee nonstop security. Seamless connection failover promotes high availability and
resiliency, ensuring, nonstop, secure business operations at both the application and network levels.
Active/Standby Bridge Mode
The Active/Standby Bridge Mode enhances network resiliency by enabling instantaneous failover and by
providing full support for VSLS in the Bridge Mode. This feature also provides full control over bridge
failover.
Link Aggregation
Link Aggregation, also known as Interface Bonding, lets you join interfaces for High Availability or Load
Sharing. This networking technology binds together multiple physical interfaces to increase reliability and
throughput.
In a High Availability deployment, only one interface is active at a time. If that interface or connection fails,
the bond manages the failover to a standby slave interface.
In a load sharing deployment, Link Aggregation significantly increases total throughput by spreading the
traffic load amongst multiple interfaces. All interfaces are active, and traffic is balanced between interfaces.
Load Sharing operates according to the IEEE 802.3ad or the XOR standard.
SecurePlatform
This release includes the latest enhancements to the SecurePlatform operating system.
SecurePlatform of this release is based on Linux kernel 2.6.18-92cp and Red Hat Enterprise Linux 5.2 for
user mode components and supports a large variety of hardware, including open servers, network cards and
RAID controllers. A comprehensive list of certified hardware can be found at:
(http://www.checkpoint.com/products/supported_platforms/secureplatform.html)
URL Filtering
URL Filtering enforces filtering rules based on organizational needs and predefined categories made up of
URLs and URL patterns. URL Filtering takes place according to predefined categories made up of URLs
and/or IPs. The URL Filter checks the URL and/or IP of a Web page against a list of approved sites. In this
way, complete sites or pages within sites that contain objectionable material (pornography, pirated music or
videos, illegal software, etc.) can be blocked. In addition, the URL Filtering policy only checks connections
that have already passed the security policy.
Hardware Health Monitoring
SecurePlatform includes new Hardware Health Monitoring capabilities, support for RAID and Sensors
monitoring over SNMP.
Typical VSX Deployments
VSX virtual networking provides an ideal solution for a variety of deployment scenarios ("Deploying VSX" on
page 166):
Enterprises enforcing distinct security policies per department
Internet service providers offering secure environments