Follow me on Twitter Receive/Transmit

Getting Started with Check Point – SmartCenter Server

Jan.17, 2011, under Networks, Security

The SmartCenter server is a key part of the Check Point infrastructure and without one you can’t do very much at all with your firewalls, so it should be one of the first things you set up. It can either be installed on the same hardware as one of your firewalls, or as a dedicated management machine. In this case I’m going to set it up on a dedicated Windows 2003 server.

The install is fairly straightforward, just mount/insert the disc and run the setup. I’ll run through a sample of an R65 SmartCenter install as some of the screens need a little explanation.

Skip past the first two screens until you hit this page:

If you are installing the full firewall product, what you choose here will depend on your licensing. As we are just installing the SmartCenter it doesn’t matter for us. On the next page you can import a config if you have one, or choose a fresh install. After that you come to this page:

This is where you choose the products you want to install. Here I’ve chosen the SmartCenter itself, plus the SmartConsole management tools. If you wanted to install the firewall software, you would choose the top box. On the next page you can choose if this will be a primary, secondary, or log server. You can install two SmartCenter servers in an HA cluster using the primary/secondary options. At this point the installer will run and complete. There are a few more steps before we can use it though.

Firstly it will ask you to install any licenses that you might have. The products come with a 15 day evaluation license if you are just playing around. If you have any license files you can either upload the files directly, or type in the keys manually.

The next step is to create an admin user, which is followed by defining IP ranges which are allowed to access the management software on the server. The default is that any user can manage the server. Although I’ve selected to install the management tools locally on the server, you can also install them separately on another machine, in a similar way to a Microsoft MMC or the Cisco ASDM. Finally you’ll be given a signature key, which is used to verify the identity of the server once we start linking it up to remote firewalls.

At this point your SmartCenter server is up and running, its a fairly painless install. You can have a play with the management tools (they have a nice demo mode with predefined topologies), but until we link up our first firewall the server alone is pretty useless.

:,

Leave a Reply