博客來This book is designed for Virtual System Extension (VSX) Lab Configuration. I tried to cover complete solutions for the Steps of VSX training. It has lab scenario which helps to new beginners. I think this book is very helpful to you.
A VSX Gateway contains a complete set of virtual devices that function as physical network components, such as Security Gateway, routers, switches, interfaces, and even network cables. Centrally managed, and incorporating key network resources internally, VSX lets businesses deploy comprehensive firewall and VPN functionality, while reducing hardware investment and improving efficiency.
Using the Check Point Smart-1 appliance, administrators may configure multiple virtual systems in their environment. Each Virtual System works as a Security Gateway, typically protecting a specified network. When packets arrive at the VSX Gateway, it sends traffic to the Virtual System protecting the destination network. The Virtual System inspects all traffic and allows or rejects it according to the rules defined in the security policy thus preventing unauthorized access to the network which in turn leads to the optimal network resource usage. On the other hand, improper policy configurations may result in fewer virtual systems which may hog the bandwidth and choke the network! To avoid such spurious situations, administrators should periodically monitor the efficiency of the policy configuration, figure out any impending discrepancies and fix them immediately! This is where the CheckPoint Virtual System Extension test helps!
This test auto-discovers the virtual systems configured in the Check Point Smart-1 appliance and periodically monitors the amount of data and packets processed through each virtual system. In addition, this test also reports the CPU utilization and the active connections on each virtual system. In the process, this test helps administrators deduce the virtual system that is handling high volume of traffic and is hogging the bandwidth resources available to the network! This way, administrators can figure out if policy configurations are effective and if not, can initiate necessary action to fine tune them.
