Technical data
Introduction to VSX Clusters
Check Point VSX Administration Guide NGX R67 | 83
Internal networks send traffic destined for the Internet or external networks, to the cluster IP address. This
traffic is processed by the designated cluster member, inspected, and forwarded to its external destination.
Each member interface has a unique, physical IP addresses. These IP addresses which are invisible to
physical networks, are used for internal communication between members and the management server for
such tasks as downloading policies, sending logs and checking the status of individual cluster members.
VSX Clusters
VSX clusters, like their physical counterparts, connect two or more synchronized gateways in such a way
that if one fails, another immediately takes its place. VSX clusters are defined at two levels:
VSX ensures that Virtual Systems, Virtual Routers, Virtual Switches and their interfaces are provisioned and
configured identically on each cluster member. The figure below shows that each cluster member contains
identical instances of each virtual device. These identical instances are referred to as peers.
Figure 5-20 Typical Cluster Setup
VSX provides the management functionality to support network and security virtualization, including:
Assigning virtual IP addresses: Each virtual device interface requires its own virtual IP address.
State synchronization: Virtual device state tables are synchronized to peers on other cluster members.
Supported Cluster Environments
VSX supports the following proprietary clustering environments.
Check Point ClusterXL
Crossbeam Systems
The procedures presented in this Administration Guide focus on Check Point Cluster XL environments. If
you are using one of the other supported environments, please refer to their documentation for assistance in
implementing VSX cluster deployments.
Planning a Cluster Deployment
As with physical network deployments, advance planning is the key to successfully creating a working
network. IP address allocation for a VSX deployment requires particular attention. This section takes you
through the basics of IP address allocation for a VSX environment. Your VSX configuration choices affect
the number of IP addresses required, both public and private.