Technical data
Deploying VSX
Check Point VSX Administration Guide NGX R67 | 168
This deployment option is appropriate for environments where many Virtual Systems protect many internal
networks with a single VSX gateway or cluster. The use of VLANs provides scalability as well as granularity,
allowing administrators to provision additional Virtual Systems and protected networks quickly and without
impacting the existing IP address structure.
Figure 11-33 VSX interface types
Internal Virtual Router with Source-Based Routing
This deployment scenario enables Virtual Systems to connect to protected networks using a single physical
interface without VLAN technology. The Virtual Router uses source-based routing rules to forward traffic to
the appropriate Virtual System based on its source IP address.
The figure below illustrates a VSX deployment with each Virtual System connected to a single Virtual
Router. The Virtual Router uses source-based routing rules to forward traffic to the appropriate Virtual
System based on the source IP address.
Figure 11-34 Source-based routing