Using MHO CLI to Create and Configure a Security Group

00:01

Hello and welcome back to check point, jump start

00:04

training on the maestro

00:08

Hyper scale network security solution.

00:11

In this video, I will demonstrate

00:15

how to

00:16

create,

00:17

populate

00:19

and apply

00:22

a security group,

00:24

be of the command line interface and then

00:28

use that security group

00:30

in policy.

00:35

So I am on the

00:37

my strong

00:39

hyper scale orchestrator

00:41

right now in Cle Shell.

00:45

And

00:47

I will add

00:48

security group

01:03

add appliances to the security group

01:23

again in please shell

01:26

tab completion will helpfully provide the serial numbers.

01:52

I've added

01:53

two security gateway modules to the security group.

01:57

Now I will add interfaces to the security group.

02:27

I've added ah

02:28

management interface.

02:30

Well, I will add

02:35

uplink interfaces.

02:55

I won't

02:57

add the first time wizard settings.

03:46

So at this point, I have configured the security group via the command line interface.

03:52

Almost, but not completely. I've set up the first time wizard configuration.

03:58

The remaining thing to do before I apply this security group

04:02

figuration is to set

04:05

the single management objects network properties.

04:54

Now, I will

04:55

apply this new configuration.

05:20

So the orchestrator has

05:23

validated

05:25

the new security group configuration

05:27

distributed the configuration to the security gateway modules that have been added to the security group.

05:34

Those security gateway Ma modules will install the new configuration and restart themselves,

05:42

so we'll pause until the restart is complete

05:46

and the single management object is ready to answer the Web user interface.

05:56

Now the

05:58

single management object of the new security group

06:01

is responsive. Answering

06:03

the I P address assigned to it

06:06

so I can connect to it with the Web user interface

06:15

and configure the traffic ports

06:35

style. Set the session timeouts to be ridiculously long.

06:46

Now

06:46

a year

06:47

uplinked traffic interfaces.

07:21

Let's to the three interfaces configured,

07:54

and

07:55

now I will go to the smart Consul application and create

08:01

an object to represent the single management object in policy.

08:20

Usually a good idea to use the same name

08:22

that you provided the security group

08:35

stall are established sick

08:50

that will fetch the topology.

09:03

Now I will install policy

09:05

to the new security group as well as the existing security group,

09:24

so policy installation is in progress.

09:35

Pause until it completes.

09:41

So

09:43

policy has been installed successfully,

09:46

and now

09:50

I'll be able to access

09:52

clogs and everything

09:54

you would expect to access on a security gateway.

10:00

So I just wanted to demonstrate how to do the security group

10:05

configuration from the orchestrators command line.

10:11

Thank you

10:11

for attending this