Manualshelf

Technical data

ManualsBrandsCheck Point Software Technologies ManualsNetworkingVSX-1 3070
171172173174175176177178179180
Deploying VSX
Check Point VSX Administration Guide NGX R67 | 174
Perimeter Security
In the figure below, security is enforced on a per-VLAN basis. The OSPF and BGP Dynamic routing
protocols provide connectivity to multiple security zones along the perimeter.
Figure 11-42 Perimeter security
Notes to this scenario:
Partners access network resources remotely via Virtual Systems
Each Virtual System has its own security policy based on its requirements
Logs and audit information for each partner is collected separately, and saved to a private database
Applications and services are segregated by private Virtual Systems
Multiple Virtual Routers/Switches are used to control the access paths
Managed Service Providers Using Multi-Domain Security
Management
Managed service providers give connectivity and security services for Domain networks. Some of these
Domains require remote access capabilities. In this service oriented environment, VSX and Multi-Domain
Security Management provide central management and make connectivity and security easier, without
affecting the existing IP topology.
In this scenario, a VSX cluster is in a Point of Presence (POP) deployment for a service provider. VSX
consolidates hardware for the service provider and ensures privacy and secure connectivity solutions (VPN)
for users. This scenario is appropriate for High Availability and Virtual System Load Sharing cluster modes.