The Check Point CloudGuard IaaS solution consists of 2 components:

  1. CloudGuard Gateway - this component scans incoming and outgoing traffic to your public cloud instance
  2. CloudGuard Security Management Server - this component manages one or more gateways

These two components can be architected in the following deployment models:

  1. Standalone configuration, in which the gateway acts as its own management
  2. Distributed configuration, in which the gateway is managed by a management server located either on premises on in a public cloud/virtual network

In order to deploy the CloudGuard Network Security solution, you will need to complete the following steps. Below is a basic overview - more detailed instructions can be found at the Check Point documentation links below.

  1. Prepare and configure your public cloud environment where the CloudGuard Gateway will run
    1. See the links below for detailed instructions broken out by the different supported public cloud vendors
  2. Deploy and configure your Security Management Server (standalone or distributed)
    1. For more information on how to utilize the CloudGuard Controller component of your customer's on premises instance of R80, please refer to this CloudGuard Controller Administration Guide (requires R80.30 or higher)
    2. For more information on how to deploy a management server on a public cloud, please refer to the below links, which contain detailed instructions broken out by the different public cloud vendors
  3. Deploy and configure your CloudGuard Gateway(s)
  4. Testing and troubleshooting

In order to ensure the most updated and detailed instructions, please utilize the links below to access Check Point's Deployment and Admin guides for CloudGuard IaaS:

CloudGuard IaaS on AWS documentation (use this for deploying a BYOL instance of CGNS on AWS): Deployment Guide

CloudGuard IaaS on Azure documentation (use this for deploying a BYOL instance of CGNS on Microsoft Azure): Reference Architecture and Deployment Guide

CloudGuard IaaS on Google Cloud Platform documentation (use this for deploying a BYOL instance of CGNS on GCP): Reference Architecture and Deployment Guide

CloudGuard IaaS on IBM Cloud documentation (use this for deploying a BYOL instance of CGNS on IBM Cloud): Reference Architecture and Deployment Guide

CloudGuard IaaS Metered License Guide (use this for deploying a pay-as-you-go instance of CGNS): Quick Start Guide

Finally, if the above links do not contain the information you are looking for, here are some more resources for your convenience:

  1. Here is a list of all official support, admin, and deployment documentation provided by Check Point for the CloudGuard Network Security solution: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doShowproductpage&productTab=overview&product=456
  2. Here is the Check Point CheckMates forum for CloudGuard Network Security: https://community.checkpoint.com/t5/Cloud-Network-Security-IaaS/bd-p/cloudguard-iaas

If you believe you need Check Point Support to assist, please refer to our FAQ document on how to create a service request with Check Point Support.