Using MHO CLI to Create and Configure a Security Group

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
3 hours 53 minutes
Difficulty
Beginner
Video Transcription
00:01
Hello and welcome back to check point, jump start
00:04
training on the maestro
00:08
Hyper scale network security solution.
00:11
In this video, I will demonstrate
00:15
how to
00:16
create,
00:17
populate
00:19
and apply
00:22
a security group,
00:24
be of the command line interface and then
00:28
use that security group
00:30
in policy.
00:35
So I am on the
00:37
my strong
00:39
hyper scale orchestrator
00:41
right now in Cle Shell.
00:45
And
00:47
I will add
00:48
security group
01:03
add appliances to the security group
01:23
again in please shell
01:26
tab completion will helpfully provide the serial numbers.
01:52
I've added
01:53
two security gateway modules to the security group.
01:57
Now I will add interfaces to the security group.
02:27
I've added ah
02:28
management interface.
02:30
Well, I will add
02:35
uplink interfaces.
02:55
I won't
02:57
add the first time wizard settings.
03:46
So at this point, I have configured the security group via the command line interface.
03:52
Almost, but not completely. I've set up the first time wizard configuration.
03:58
The remaining thing to do before I apply this security group
04:02
figuration is to set
04:05
the single management objects network properties.
04:54
Now, I will
04:55
apply this new configuration.
05:20
So the orchestrator has
05:23
validated
05:25
the new security group configuration
05:27
distributed the configuration to the security gateway modules that have been added to the security group.
05:34
Those security gateway Ma modules will install the new configuration and restart themselves,
05:42
so we'll pause until the restart is complete
05:46
and the single management object is ready to answer the Web user interface.
05:56
Now the
05:58
single management object of the new security group
06:01
is responsive. Answering
06:03
the I P address assigned to it
06:06
so I can connect to it with the Web user interface
06:15
and configure the traffic ports
06:35
style. Set the session timeouts to be ridiculously long.
06:46
Now
06:46
a year
06:47
uplinked traffic interfaces.
07:21
Let's to the three interfaces configured,
07:54
and
07:55
now I will go to the smart Consul application and create
08:01
an object to represent the single management object in policy.
08:20
Usually a good idea to use the same name
08:22
that you provided the security group
08:35
stall are established sick
08:50
that will fetch the topology.
09:03
Now I will install policy
09:05
to the new security group as well as the existing security group,
09:24
so policy installation is in progress.
09:35
Pause until it completes.
09:41
So
09:43
policy has been installed successfully,
09:46
and now
09:50
I'll be able to access
09:52
clogs and everything
09:54
you would expect to access on a security gateway.
10:00
So I just wanted to demonstrate how to do the security group
10:05
configuration from the orchestrators command line.
10:11
Thank you
10:11
for attending this
10:15
module