Building an Azure Private Cloud Environment

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
2 hours 22 minutes
Difficulty
Beginner
CEU/CPE
2
Video Transcription
00:00
>> [MUSIC]
00:00
Welcome to Check Point Jump Start training series.
00:00
In this training series,
00:00
we'll be looking at different
00:00
Check Point CloudGuard product lines.
00:00
Check Point CloudGuard is
00:00
a suite of products and solutions that
00:00
can secure your data and virtual networks in the Cloud.
00:00
My name is Manuel Joaquim,
00:00
and I will be your technical trainer
00:00
for this training module.
00:00
I would like now to show you a demonstration of
00:00
CloudGuard and how to deploy
00:00
>> it in the Cloud environment.
00:00
>> In this lab, we are going to deploy
00:00
a Microsoft Azure Cloud environment,
00:00
but I'm going to make some basic assumptions.
00:00
I'm going to assume that you
00:00
>> have some basic knowledge of
00:00
>> Check Point products and know how to
00:00
configure a standard management station
00:00
and a traditional Check Point gateway.
00:00
That you are here to learn
00:00
>> how to deploy it in the Cloud.
00:00
>> Also, I'm going to assume that
00:00
you are new to the Cloud and so I'm
00:00
going to primary focus and what is
00:00
new or different with a Cloud deployment.
00:00
What is different between
00:00
regular gateway and the Cloud gateway.
00:00
But first, let me give you
00:00
a big picture overview of the lab.
00:00
In this lab, we're going to deploy one VNet,
00:00
three subnets a management station,
00:00
a gateway, and a web server.
00:00
We're going to launch and
00:00
interconnect all the components and the
00:00
create a firewall policy and rules to make
00:00
it all function and connect to the Internet.
00:00
We're going to break down this lab into small steps.
00:00
These steps will be broken down
00:00
into five separate exercises.
00:00
I'm going to walk you through step-by-step on
00:00
how to deploy a CloudGuard gateway into the Cloud.
00:00
You can also come back and reference
00:00
the separate exercises as needed
00:00
during your own CloudGuard deployment journey.
00:00
Let's get started with the first exercise.
00:00
Exercise 1, how to
00:00
build an Azure private Cloud environment.
00:00
In this first exercise,
00:00
we're going to deploy a VNet,
00:00
the virtual network in Microsoft Azure,
00:00
which will be automatically connected to the Internet.
00:00
After building our virtual network,
00:00
you cannot just add virtual machines
00:00
to the virtual network.
00:00
You must first configure your subnets,
00:00
and then within your subnets,
00:00
you can then add your virtual machines.
00:00
In total in this lab,
00:00
we're going to configure three separate subnets.
00:00
But at a minimum, when deploying a CloudGuard,
00:00
you need to have two subnets,
00:00
and his is by design for optimal CloudGuard deployment.
00:00
I'll explain why as we progress.
00:00
Once we have created VNet,
00:00
we will then create our first subnet.
00:00
We will call it the frontend subnet.
00:00
The second subnet, we will call it the backend subnet.
00:00
This is going to be our first lab.
00:00
Let me show you how to do this.
00:00
Connect to your Azure account,
00:00
go to the main launch menu,
00:00
and then go to your virtual networks.
00:00
We're going to create our first virtual Network,
00:00
our first virtual private Cloud.
00:00
Let's select, Create Virtual Network.
00:00
We need to fill in the fields as follows.
00:00
The subscription, I only have
00:00
one subscription in my account,
00:00
so we'll leave it as is.
00:00
The resource group in my account,
00:00
I have a few resources already created for me.
00:00
I'm going to select the first one,
00:00
but depending on your subscription and your account,
00:00
you might need to create a new resource group.
00:00
My account permissions do not
00:00
allow me to create a new resource group.
00:00
I will need to select one of these pre-built in ones.
00:00
Now, for the name, what do you
00:00
want to call your virtual network?
00:00
You can be as creative as you like.
00:00
I'm going to call mine myVNet to keep it simple.
00:00
I will keep the region as the
00:00
>> default that works for me,
00:00
>> but you can select whichever region you're in,
00:00
or better yet, what region your customer base is in.
00:00
Let's go to the next screen.
00:00
You just need to click on the
00:00
>> next field, IP addressing.
00:00
>> Here, we're going to define
00:00
the network address range for the virtual network.
00:00
You can select whatever address range that you like.
00:00
This is going to be a private range.
00:00
It should not be accessible from the Internet,
00:00
at least not now.
00:00
Again, I'm going to keep the defaults,
00:00
10.0.0.0/16, which is a class B network.
00:00
This will give me a really big wide range
00:00
to create my subnets in.
00:00
Now, I need to create a subnet
00:00
so I can place my VMs in it.
00:00
The default is fine,
00:00
but I want to change the name.
00:00
I will change the name to frontend.
00:00
You'll see why later.
00:00
I will keep the default subnet,
00:00
which is a /24
00:00
10.0.0.0/24 is a subnet of my VPC range of /16.
00:00
Let's select, Save.
00:00
Now, I want to create a second subnet.
00:00
Let's select, Add subnet.
00:00
This second subnet, I'm going to call it
00:00
the backend subnet to
00:00
differentiate it from the frontend subnet.
00:00
I will again use a /24,
00:00
which is within my /16 VPC range,10.0.1.0/24.
00:00
Again, we select Save.
00:00
Let's move forward to the next screen.
00:00
Select Security, we'll
00:00
keep the security settings the same.
00:00
No changes are required here.
00:00
Let's move to the next screen.
00:00
Select Tags.
00:00
I'm not going to put any tags right now,
00:00
but I could if I wanted to.
00:00
The tags can be used to search for this resource
00:00
later during the rule-based creation and deployment.
00:00
But for now, let's just select, Next.
00:00
Review and create the Azure software will
00:00
verify that all my selections
00:00
are copacetic and that nothing is wrong.
00:00
If there was any mistakes,
00:00
I will need to correct them now.
00:00
If everything is fine,
00:00
I just need to select, Create.
00:00
The Azure Server will now create my virtual network,
00:00
my two subnets, under my account and
00:00
subscription in my region of choice.
00:00
Let's select the Deployment icon.
00:00
It tells me that the deployment is in
00:00
progress and I just have to wait for it to complete.
00:00
In this case, it is fast
00:00
and the deployment is completed quickly.
00:00
Let's select, Go to resource,
00:00
to see what we have created.
00:00
We created a VPC called myVNet.
00:00
Then, if you go to the subnet tab,
00:00
we will see the two subnets that I have
00:00
created inside my VNet VPC.
00:00
We have the frontend subnet and the backend subnet.
00:00
The frontend subnet is 10.0.0.0/24,
00:00
and the backend subnet is 10.0.1.0/24.
00:00
To recap, we created a VNet
00:00
10.0.0.0/16 in the Azure environment.
00:00
We then created inside this VNet, two subnets.
00:00
The first subnet, we called it the frontend with
00:00
a network of 10.0.0.0/24.
00:00
We created a backend subnet
00:00
>> with a range of 10.0.1.0/24.
00:00
>> That completes the end of Exercise 1.
00:00
In the next exercises,
00:00
we will populate the subnets with virtual machines.
00:00
I'll see you there
00:00
[MUSIC].
Up Next