Saturday, July 16, 2016

Check Point 1100 Appliance Configuration Step by Step

 photo 1100 Box_zps7kgdt4uz.jpg
Check Point 1100
A couple of months ago, I received Check Point 600 Appliance and did a post regarding basic configuration for 600. It is used to replace replaces the Save@Office models and cannot be managed centrally by a Check Point SmartCenter Server. 1100 appliance is an all-in-one security appliance that offers robust, multi-layered protection with branch offices in mind, including flexible network interfaces and a compact, desktop form factor, which is used to replace the SG80 and the UTM-1 Edge.

Both 600 and 1100 appliances support local management. The SG600 can be centrally managed by Check Point's SMB Management Cloud service. The SG1100 can be managed by standard Check Point management running R75.46 or above. Neither unit can be managed by the old Sofaware SMP product.

Back panel: 8 LAN ports, 1 WAN port, 1 DMZ port, console port.

Front Panel: there is one usb slot.

1. Connect One of LAN ports with your computer.
Your computer will get a DHCP ip address from network.
In my case, my laptop got ip address and gateway is which is 1100 appliance's default LAN interface ip.

Type or , the browser will automatically re-direct to , which is default management interface of Check Point 1100 appliance.
 photo 1_zps1ihirpos.png
2. First Time Configuration Wizard 
It will guide you to complete basic configuration step by step.
 photo 2_zpsxl2bviqq.png
Authentication Details
 photo 3_zpsjkyt1cqi.png
Appliance Date and Time Settings
 photo 4_zpsliqvrfps.png
Appliance Name

 photo 5_zpstidzhwsn.png
Security Policy Management
 photo 6_zpsvaj2losj.png
Internet Connection
 photo 7_zps8jbdacls.png
Local Network
 photo 8_zpsrspjimpz.png
Administrator Access

 photo 9_zpssbpvtls7.png
Appliance Activation
 photo 91_zpsypbwszez.png
Skip Appliance license Activation 
 photo 92_zpsybf6us9a.png
Software Blades Activation
 photo 93_zps5fory8ap.png
Configuration Summary
 photo 94_zpst8zzpj77.png
Configuring the system for the first time
3.  Log in 1100 Appliance
 photo 95_zpsgk4obb82.png 

4. Firewall Access Policy Configuration

4.1 Static NAT Server Configuration

 photo 01_zpshnlob2gi.png
\ photo 02_zpsgnniwj0i.png
 photo 03_zpseccazxwp.png
 photo 04_zpsfoph8uuj.png

4.2 Outbound Internet Access Rule

4.3 Inbound Access Rule from Internet

In following screenshots, there are three parts:

  • Red rectangle part is Outgoing access to the Internet which is auto-generated rule from 4.2
  • Green rectangle part is Incoming rules and VPN rules
    • Yellow rectangle part is manual rules for inbound traffic
    • Blue rectangle part is those auto-generated rules from 4.1 by static server NAT configuration.


Check Point 1100 Appliance - FAQ

No comments:

Post a Comment