Video Transcription

00:01
Welcome back to check point. Jump start,
00:05
Maestro training.
00:07
I have a couple of
00:10
odds and ends
00:12
the Radha and updates
00:16
first.
00:17
Uh,
00:19
if you want to see what
00:20
jumble hot fix accumulator is installed,
00:25
you can do that with the A s G underscore provisioned command
00:32
some some limitations, uh,
00:36
one.
00:37
You can have different models of security gateway modules connected to your orchestrator. However,
00:44
at least in our 80.20 s p,
00:49
all security gateway
00:51
modules in the same security group must be the same model.
01:00
Currently, you cannot Nat or VPN
01:03
anedge meant
01:06
to the single management object traffic.
01:08
That's because the correction layer has a limitation
01:12
that it cannot correct traffic being sent to a management port.
01:22
The default distribution mode has changed between our 80.20
01:27
spn already 0.30
01:30
sp
01:32
in our 80 dot
01:33
20 SP and earlier. The default distribution mode
01:38
is general
01:40
in our 80.30 SP.
01:42
The default distribution mode is user or network, depending on the interface,
01:52
there's a limitation regarding smart view Monitor,
01:57
smart view, monitor of a by strode deployment.
02:01
We'll get statistics
02:04
Onley from
02:06
one of the security gateway modules
02:08
and will not reflect
02:10
all of the traffic that
02:14
passing through the system.
02:17
There are a couple of network ranges that are reserved for internal use by the orchestrator
02:24
and the security. Gateway modules 192.0 dot to slash 24
02:30
is reserved for synchronization. Traffic
02:34
in 198.51 dot 101 slash 24 is reserved for chassis internal
02:43
networking messages.
02:47
Connections that pass between up link ports and management ports are not supported.
02:55
Already 0.30
02:58
SP has added some features
03:01
multi cues which
03:04
provides more efficient utilization of core excel
03:08
now
03:09
enabled by default
03:14
bsx Virtual switches
03:16
are supported,
03:17
but this requires ah, hot fix. Currently,
03:22
threat extraction is supported in our 80.30 SP.
03:27
This
03:28
requires ah, hot fix
03:31
I P v six is supported,
03:36
as are having multiple down lee connections to a security gateway module
03:43
load share traffic instead of
03:46
active standby.
03:50
I also want to point you at some
03:53
documentation and help. Resource is
03:59
so that will be next.
04:03
No pre sources for your maestro deployment.
04:09
Ah, obvious starting point is
04:12
secure knowledge.
04:15
So support center dot checkpoint dot com
04:19
and
04:21
search for
04:25
in this case, checkpoint
04:27
Maestro
04:28
and
04:30
you can make the search a little bit more specific
04:32
by including the release number are 80.20 s p, for example,
04:39
and several great results
04:42
are included.
04:45
Specifically
04:46
this product page
04:50
looting
04:53
leaks to download
04:55
the are 80.20 s p i S o image
05:00
appliances.
05:03
The port mapping
05:05
orchestrators graphic
05:08
which I've used in this training
05:18
administration guides.
05:21
So administrating Guyana, administrating
05:25
that
05:26
guy in a maestro environment. Administrating maestro,
05:30
maestro performance tuning bsx
05:33
Also very handy is a maestro frequently asked questions document
05:40
and
05:42
the
05:43
Checkpoint Maestro known limitations document.
05:49
Another great source of help
05:54
with maestro is the Czech mates
05:57
Maestro section
05:59
So you can go toe
06:01
community dot checkpoint dot com
06:04
and under products
06:08
the products drop down menu Select Maestro
06:13
your network.
06:15
There is a lot of good information that is provided by checkpoint employees
06:20
as well as checkpoint partners
06:24
and users.
06:25
You are sharing their knowledge and experience
06:28
in some cases, their scripts.
06:34
So that concludes my
06:38
errata and additions.
06:40
Thank you for attending this jump start training

Up Next

Check Point Jump Start: Maestro Hyperscale Network Security

In this course brought to you by industry leader Check Point, they will cover the Maestro Orchestrator initial installation, creation and configuration of security group via the web user interface and SmartConsole features. This course provides a demonstration of the Maestro product. Course will prepare you for their exam, #156-412, at Pearson VUE.

Instructed By

Instructor Profile Image
CheckPoint
Instructor