{"id":19138,"date":"2023-11-22T22:18:13","date_gmt":"2023-11-22T16:48:13","guid":{"rendered":"https:\/\/networkinterview.com\/?p=19138"},"modified":"2024-03-04T00:03:21","modified_gmt":"2024-03-03T18:33:21","slug":"checkpoint-vsx","status":"publish","type":"post","link":"https:\/\/networkinterview.com\/checkpoint-vsx\/","title":{"rendered":"Checkpoint VSX: Architecture, Components &#038; Configuration"},"content":{"rendered":"<h1>What is Checkpoint VSX?<\/h1>\n<div class=\"netwo-in-between-content netwo-entity-placement\" id=\"netwo-3713424185\"><div id=\"netwo-2988808641\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1375203873676133\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-1375203873676133\" \ndata-ad-slot=\"2134143805\" \ndata-ad-format=\"auto\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><\/div><p><span style=\"font-weight: 400;\">Checkpoint VSX full form is Virtual System eXtension (VSX), a product that runs multiple virtual<span style=\"color: #0000ff;\"> <a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/types-of-firewall-network-security\/\" target=\"_blank\" rel=\"noopener\">firewalls<\/a> <\/span>in the same hardware firewall.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can purchase hardware appliances with Licence of Virtual firewall. Using one hardware you will be able to create multiple firewalls, meaning virtual systems. These virtual systems (VSX) can act like a firewall, one VSX means one firewall. If you create multiple VSX means you are creating multiple firewalls for several locations.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Admin needs to create a <strong><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/sc1.checkpoint.com\/documents\/R81\/WebAdminGuides\/EN\/CP_R81_NextGenSecurityGateway_Guide\/Topics-FWG\/VSX.htm\" target=\"_blank\" rel=\"noopener\">VSX<\/a><\/span><\/strong><\/span><strong><span style=\"color: #0000ff;\"> gateway<\/span><\/strong><span style=\"font-weight: 400;\"> which further checks the packet and forward it to correct VSX. Every VSX has its own topology and security policies.<\/span><\/p>\n<h2>Advantages of Using VSX Firewalls<\/h2>\n<ul>\n<li><b>Cost effective<\/b><span style=\"font-weight: 400;\">: low cost is required to implement multiple VSX\u00a0<\/span><\/li>\n<li><b>Less Work:<\/b><span style=\"font-weight: 400;\"> we can manage the work through a single hardware firewall. It helps to reduce total time and work in managing multiple hardware firewalls.<\/span><\/li>\n<\/ul>\n<h2>Main Components for VSX<\/h2>\n<p><b>VSX Gateway:<\/b><span style=\"font-weight: 400;\">\u00a0Communicates with the Management Server. It acts as a mediator which lies between VSX and management server\/MDS<\/span><\/p>\n<p><b>Management Server\/MDS:<\/b><span style=\"font-weight: 400;\">\u00a0VSX Gateways communicate with the management server \/MDS for the purpose of managing, configuring, and deploying all virtual devices.<\/span><\/p>\n<p><b>DMI: Dedicated Management Interface<\/b><span style=\"font-weight: 400;\"> which is used to connect <span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/www.checkpoint.com\/quantum\/multi-domain-security-management\/\" target=\"_blank\" rel=\"noopener\">MDS<\/a><\/span> and VSX Gateway over a physical network. Like if MDS and VSX gateway devices are in the same Data Center then a physical connectivity between MDS and VSX gateway can be performed via DMI.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">DMI uses a separate interface which is restricted to the management traffic.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Its segregate management interface to the routing, production traffic<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Main Components for VSX<\/span><\/li>\n<\/ul>\n<h2>VSX Architecture<\/h2>\n<p><span style=\"font-weight: 400;\">In the above image VSX A is connected to Network A, VSX B to Network B and so on..\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">VSX -Virtual system is a security and routing domain that provides the functionality of security Gateway with full firewall and VPN facilities.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Every Virtual system maintains its own security blades and licences, security policies, <span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/what-is-vpn\/\" target=\"_blank\" rel=\"noopener\">VPN<\/a><\/span> policies and routing which means a virtual system acts like a separate firewall.<\/span><\/p>\n<p><b>How communication happens among VSX, VSX Gateway and Management Server<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Management server redirects traffic to the internet. Via management server we are performing configuration activities.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">When we initiate communication from the management server, it forwards the request to VSX Gateway and through VSX gateway traffic moves to the VSX.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">However, VSX Gateway first checks to which the traffic is pointed based on the subnet details.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Once traffic reaches the VSX system, policy\/routing and other configuration will be parsed.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Traffic will be allowed\/deny by the VSX based on the configuration in the VSX<\/span><\/li>\n<\/ul>\n<h2>Configure VSX Gateway Through MDS<\/h2>\n<p><span style=\"font-weight: 400;\">1. Login into <\/span><b>MDS -&gt;<\/b><b>\u00a0Smart Console Checkpoint<\/b><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19143\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-2.jpg\" alt=\"\" width=\"700\" height=\"301\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-2.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-2-300x129.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-2-600x258.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19144\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-3.jpg\" alt=\"\" width=\"700\" height=\"306\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-3.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-3-300x131.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-3-600x262.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">2. First you need to create a Domain in the MDS Server. Domain is nothing but a security management server through which security blades are managed for VSX. <\/span><b>Go to \u201c * \u201d option and select Domain.<\/b><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19145\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-4.jpg\" alt=\"\" width=\"700\" height=\"338\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-4.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-4-300x145.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-4-600x290.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">3. Give Name to <\/span><b>New Domain<\/b><span style=\"font-weight: 400;\">. Here we have given name <strong>-&gt;<\/strong><\/span><span style=\"font-weight: 400;\"><strong>\u00a0<\/strong>SMS1-VSX1<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19146\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-5.jpg\" alt=\"\" width=\"700\" height=\"299\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-5.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-5-300x128.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-5-600x256.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">4. Add Domain Server name and configuration details by selecting <\/span><strong>+<\/strong><span style=\"font-weight: 400;\"> tab. In this section Domain server and address details will be shared.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19147\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-6.jpg\" alt=\"\" width=\"700\" height=\"332\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-6.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-6-300x142.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-6-600x285.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">5. New Domain Server along with server<span style=\"color: #0000ff;\"> <a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/mac-address-vs-ip-address-know-the-difference\/\" target=\"_blank\" rel=\"noopener\">IP address<\/a><\/span>. We have given 192.168.1.20 IP addresses to the VSX domain server.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19148\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-7.jpg\" alt=\"\" width=\"350\" height=\"285\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-7.jpg 350w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-7-300x244.jpg 300w\" sizes=\"auto, (max-width: 350px) 100vw, 350px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19149\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-8.jpg\" alt=\"\" width=\"700\" height=\"347\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-8.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-8-300x149.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-8-600x297.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">6. Add trusted subnets which admin wants others to access the VSX management\u00a0<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19150\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-9.jpg\" alt=\"\" width=\"700\" height=\"338\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-9.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-9-300x145.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-9-600x290.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">7. Now install the changes in Checkpoint Smart Console<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19151\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-10.jpg\" alt=\"\" width=\"700\" height=\"402\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-10.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-10-300x172.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-10-600x345.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>8.<strong> <span style=\"font-weight: 400;\">VSX Domain has been created and seen in the Smart Console<\/span><\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19152\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-11.jpg\" alt=\"\" width=\"700\" height=\"285\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-11.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-11-300x122.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-11-600x244.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>9. <span style=\"font-weight: 400;\">Right click on the Smart Domain and connect to the Domain Server from Smart Console<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19153\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-12.jpg\" alt=\"\" width=\"700\" height=\"290\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-12.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-12-300x124.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-12-600x249.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">10. Domain Server dashboard look like as below<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19154\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-13.jpg\" alt=\"\" width=\"700\" height=\"375\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-13.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-13-300x161.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-13-600x321.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">11. Select <\/span><b>Gateway object<\/b> <span style=\"font-weight: 400;\"><strong>-&gt;<\/strong><\/span><b> VSX <span style=\"font-weight: 400;\"><strong>-&gt;<\/strong><\/span><\/b><b>\u00a0Cluster<\/b><span style=\"font-weight: 400;\"> (as we have lab for VSX Cluster)<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19155\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-14.jpg\" alt=\"\" width=\"700\" height=\"297\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-14.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-14-300x127.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-14-600x255.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">12. Provide cluster IP addresses , select cluster version and VSX Cluster platform<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19156\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-15.jpg\" alt=\"\" width=\"500\" height=\"362\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-15.jpg 500w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-15-300x217.jpg 300w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">13. Click next and add Cluster members IP Addresses, here we have created Cluster Member <\/span><b>VSX1 and VSX2. Establish trust through SIC. <\/b><span style=\"font-weight: 400;\">Now Click Next to add Interfaces\u00a0<\/span><\/p>\n<div id='gallery-1' class='gallery galleryid-19138 gallery-columns-3 gallery-size-thumbnail'><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href=\"https:\/\/networkinterview.com\/checkpoint-vsx\/checkpoint-vsx-16\/\"><img loading=\"lazy\" decoding=\"async\" width=\"128\" height=\"94\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-16.jpg\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-16.jpg 500w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-16-300x221.jpg 300w\" sizes=\"auto, (max-width: 128px) 100vw, 128px\" \/><\/a>\n\t\t\t<\/div><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href=\"https:\/\/networkinterview.com\/checkpoint-vsx\/checkpoint-vsx-17\/\"><img loading=\"lazy\" decoding=\"async\" width=\"128\" height=\"96\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-17.jpg\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-17.jpg 500w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-17-300x223.jpg 300w\" sizes=\"auto, (max-width: 128px) 100vw, 128px\" \/><\/a>\n\t\t\t<\/div><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href=\"https:\/\/networkinterview.com\/checkpoint-vsx\/checkpoint-vsx-18\/\"><img loading=\"lazy\" decoding=\"async\" width=\"128\" height=\"50\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-18.jpg\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-18.jpg 500w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-18-300x118.jpg 300w\" sizes=\"auto, (max-width: 128px) 100vw, 128px\" \/><\/a>\n\t\t\t<\/div><\/figure>\n\t\t<\/div>\n\n<p>14.<b> We are not selecting any interfaces <\/b><span style=\"font-weight: 400;\">here as it is not required as per our lab<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19160\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-19.jpg\" alt=\"\" width=\"350\" height=\"266\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-19.jpg 350w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-19-300x228.jpg 300w\" sizes=\"auto, (max-width: 350px) 100vw, 350px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">15. Add cluster member state synchronisation <\/span><b>port and IP address for internal cluster communication. Below IP addresses are only for\u00a0 internal cluster communication\u00a0<\/b><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19161\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-20.jpg\" alt=\"\" width=\"350\" height=\"261\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-20.jpg 350w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-20-300x224.jpg 300w\" sizes=\"auto, (max-width: 350px) 100vw, 350px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">16. Select firewall management access rules\u00a0 which you want to add in the VSX cluster<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19162\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-21.jpg\" alt=\"\" width=\"700\" height=\"385\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-21.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-21-300x165.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-21-600x330.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">After selecting <span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/checkpoint-firewall-policy\/\" target=\"_blank\" rel=\"noopener\">Firewall policies<\/a><\/span>, we will <\/span><b>finish the installation<\/b><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<div id='gallery-2' class='gallery galleryid-19138 gallery-columns-2 gallery-size-thumbnail'><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href=\"https:\/\/networkinterview.com\/checkpoint-vsx\/checkpoint-vsx-22\/\"><img loading=\"lazy\" decoding=\"async\" width=\"103\" height=\"96\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-22.jpg\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-22.jpg 350w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-22-300x280.jpg 300w\" sizes=\"auto, (max-width: 103px) 100vw, 103px\" \/><\/a>\n\t\t\t<\/div><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href=\"https:\/\/networkinterview.com\/checkpoint-vsx\/checkpoint-vsx-23\/\"><img loading=\"lazy\" decoding=\"async\" width=\"128\" height=\"33\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-23.jpg\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-23.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-23-300x78.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-23-600x157.jpg 600w\" sizes=\"auto, (max-width: 128px) 100vw, 128px\" \/><\/a>\n\t\t\t<\/div><\/figure>\n\t\t<\/div>\n\n<h2><b>Now Configure Virtual System Configuration<\/b><\/h2>\n<p>1. <b>Now got to the * tab and select <span style=\"font-weight: 400;\"><strong>-&gt;<\/strong><\/span><\/b><b> VSX <span style=\"font-weight: 400;\"><strong>-&gt;<\/strong><\/span><\/b><b>\u00a0VSX System<\/b><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19165\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-24.jpg\" alt=\"\" width=\"700\" height=\"232\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-24.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-24-300x99.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-24-600x199.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">2. Name Virtual System VS1 and add Gateway cluster (which is created above)<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19166\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-25.jpg\" alt=\"\" width=\"700\" height=\"276\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-25.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-25-300x118.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-25-600x237.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>3. <b>Add Virtual System Network Configuration in the setup\u00a0<\/b><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-19167\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-26.jpg\" alt=\"\" width=\"700\" height=\"486\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-26.jpg 700w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-26-300x208.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/02\/checkpoint-vsx-26-600x417.jpg 600w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>4. <b>Finish the setup.<\/b><\/p>\n<p><b>Now VSX Gateway and Cluster is ready to use through Smart Console and Dashboard!<\/b><\/p>\n<h2><span style=\"color: #ff6600;\">Continue Reading:<\/span><\/h2>\n<p><span style=\"color: #0000ff;\"><em><strong><a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/checkpoint-firewall-policy\/\" target=\"_blank\" rel=\"noopener\">Checkpoint Firewall Policy: Rules &amp; Configuration<\/a><\/strong><\/em><\/span><\/p>\n<p><span style=\"color: #0000ff;\"><em><strong><a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/checkpoint-3-tier-architecture\/\" target=\"_blank\" rel=\"noopener\">Understanding Checkpoint 3-Tier Architecture: Components &amp; Deployment<\/a><\/strong><\/em><\/span><\/p>\n<div class=\"netwo-after-content netwo-entity-placement\" id=\"netwo-957434350\"><div id=\"netwo-2984869632\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1375203873676133\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-1375203873676133\" \ndata-ad-slot=\"2134143805\" \ndata-ad-format=\"auto\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>What is Checkpoint VSX? Checkpoint VSX full form is Virtual System eXtension (VSX), a product that runs multiple virtual firewalls in the same hardware firewall. You can purchase hardware appliances with Licence of Virtual firewall. Using one hardware you will &hellip; <\/p>\n","protected":false},"author":146,"featured_media":19142,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,79],"tags":[6691,6607],"class_list":["post-19138","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-techblog","category-security","tag-checkpoint","tag-security"],"_links":{"self":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/posts\/19138","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/users\/146"}],"replies":[{"embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/comments?post=19138"}],"version-history":[{"count":0,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/posts\/19138\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/media\/19142"}],"wp:attachment":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/media?parent=19138"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/categories?post=19138"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/tags?post=19138"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}