Technical data
Using VSX with Multi-Domain Security Management
Check Point VSX Administration Guide NGX R67 | 71
Description
1
SmartDomain Manager
2
Multi-Domain Server
3
SmartDashboard
4
Domain Management Server
5
Main Domain Management Server
6
VSX Gateway
7
VSX Virtual System in Domain Management Servers
The Multi-Domain Server is a central management server that hosts the network management and security
policy databases for these networks. Each independent domain is represented by a Domain, which
provides the full functionality of a Security Gateway. Each Domain Management Server can host Virtual
Systems, Virtual Routers and Virtual Switches as well as physical Check Point gateways. We recommend
that you manage each VSX gateway with its own Domain Management Server.
The Domain Management Server that manages a VSX gateway or cluster is known as a Main Domain
Management Server. You can host multiple gateways and/or clusters on one Multi-Domain Server. We
recommend that you manage each gateway and cluster with its own main Domain Management Server.
Virtual Systems belonging to a given Domain can be distributed among multiple VSX gateways and clusters.
The SmartDomain Manager is a centralized management solution for Domains, Domain Management
Servers and the Multi-Domain Security Management environment. Each Domain Management Server uses
its own instance of SmartDashboard, which is accessible only via the SmartDomain Manager, to provision
its Virtual Devices and physical gateways, as well as to manage their security policies.
Licensing VSX with Multi-Domain Security Management
Check Point software is activated with a license key. To obtain a license key, register the certificate key (that
appears on the back of the software media pack) with the Check Point User Center. The certificate key is
used to generate a license key for the products that you are either evaluating or purchasing.
To purchase the required Check Point products, contact your reseller. Check Point software that has not yet
been purchased functions for 15 days only.
Multi-Domain Security Management Licenses
Multi-Domain Security Management licenses are associated with the IP address of the licensed entity. Multi-
Domain Server licenses are based on the Multi-Domain Server type.
Multi-Domain Server - This license covers the administrator access point to the Multi-Domain Security
Management environment and is bound to the Multi-Domain Server IP address. The SmartDomain
Manager can only connect to Multi-Domain Servers machines with a valid license.
Domain Management Server License: Each individual Domain Management Server requires its own
license, bound to its IP address. Domain Management Server licenses cover a predefined number of
enforcement points (Virtual Systems and/or physical Check Point gateways). Domain Management
Server licenses are available for quantities of one, two or four enforcement points as well as an
unlimited license covering an unlimited number of enforcement points.
Individual Domain Management Server licenses are recommended for mixed networks consisting of
both Virtual Systems and physical Check Point gateways. V
Domain Management Server Pro: Domain Management Server Pro licenses, which enable additional
management features at the Domain Management Server level, can be purchased in bulk and are called
Pro Add-ons for Multi-Domain Server.
Multi-Domain Server: This is a comprehensive license that enables real-time logging, tracking and log
management for a predefined number of Log Servers hosted on a dedicated Multi-Domain Log Server.