[Classification: Protected]

24 April 2023

QUANTUM MAESTRO

Getting Started Guide

Contents 1U

Page 1: ...Classification Protected 24 April 2023 QUANTUM MAESTRO Getting Started Guide...

Page 2: ...ty Gateway Object in SmartConsole 17 Part 4 Monitoring the Security Group Members 17 Hardware Components 18 MHO 140 Front Panel 23 MHO 140 Rear Panel 24 Ports 25 Mounting the Quantum Maestro Orchestra...

Page 3: ...Table of Contents Quantum Maestro Getting Started Guide 3 Connecting to the Downlink Ports with DAC or Fiber Cables 66 Quantum Maestro Orchestrator Ports and Gaia OS Interfaces 69...

Page 4: ...distributes traffic between the Security Appliances assigned to Security Groups n Ability to connect more Security Appliances and use their resources easily in the existing Security Groups Overview Q...

Page 5: ...head Phillips screws with a round patch 6 32x1 4 100 Deg Patch 360 Cables and Adapters n 2 power cables Type C13 C14 n 2 cable retainers n 1 DB9 to RJ45 serial console cable n 1 DAC cable 3m Document...

Page 6: ...76 Bpps l MHO 140 Throughput of up to 1280 Gbit sec and processing capacity up to 2 97 Bpps n Flat latency in the cut through mode l MHO 175 425 ns l MHO 170 300 ns l MHO 140 300 ns n Speeds of 1 10 4...

Page 7: ...FP28 use QSFP to SFP breakout cables 8 1 28 Tbit sec Quantum Maestro Orchestrator supports different interfaces and speed rates when you use QSFP to SFP adapters or hybrid cables For more information...

Page 8: ...k on page 29 2 Install the Security Appliances for your Security Groups Procedure a Install the applicable Expansion Line Cards if required in the appliances See Installing and Removing Line Cards Mae...

Page 9: ...you must use only the supported transceivers See sk92755 Compatibility of transceivers for Check Point appliances See n Port Mapping for the Quantum Maestro Orchestrator MHO 140 on page 20 n Connecti...

Page 10: ...chestrator and 1 out of 4 ports on the Quad Port Card on each Security Appliance Illustration Instructions On each Security Appliance C in the Security Group a Connect a cable from Port 1 on the Quad...

Page 11: ...on the Quad Port Card to a Downlink port on the first Orchestrator A b Connect a cable from Port 3 on the Quad Port Card to a Downlink port on the first Orchestrator A c Connect a cable from Port 2 on...

Page 12: ...age 63 Port Speed on a Switch Port Type on the Orchestrator Cable to Use 10 Gbps SFP SFP28 Ports 5 26 Fiber or DAC 40 Gbps QSFP QSFP28 Ports 49 55 Fiber DAC or Breakout 100 Gbps QSFP QSFP28 Ports 49 5...

Page 13: ...ith these default credentials n Username admin n Password admin Best Practice Change the default password If the SSH connection is interrupted after the password change log in again with the new passw...

Page 14: ...eway set static route default nexthop gateway address IPv4 Address on Example set static route default nexthop gateway address 192 168 10 1 on d Save the configuration save config 7 Connect the MGMT p...

Page 15: ...3 From the left navigation panel click Orchestrator More information The Topology section contains the table that shows these sections from left to right Pane Description Unassigned Gateways All dete...

Page 16: ...the assigned Management port eth X Mgmt Y on the Orchestrator front panel and your switch More information See n Port Mapping for the Quantum Maestro Orchestrator MHO 140 on page 20 n Connecting to t...

Page 17: ...uired settings 3 Configure the applicable rules in the Access Control Policy 4 Configure the applicable rules in the Threat Prevention Policy 5 Install the Access Control Policy on this Security Gatew...

Page 18: ...al and internal networks 8 RJ45 port for Console connection 3 Ports 17 30 are the Downlink ports lead to Security Appliances 9 Port 32 is the Synchronization port on the same Site leads to the peer Or...

Page 19: ...roups lead to the Check Point Management Server 6 System Health LEDs 2 Ports 3 16 are the Uplink ports 40 Gbps 100 Gbps lead to external and internal networks 7 Port 30 is the Synchronization port in...

Page 20: ...the Synchronization port in Dual Site leads to the peer Orchestrator on another Site 3 Ports 5 26 are the Uplink ports 1 Gbps 10 Gbps lead to external and internal networks 9 Management port Mgmt1 fo...

Page 21: ...ts with the Port Label from 1 to 48 1G or 10G l Ports with the Port Label from 49 51 53 and 55 4x10G 40G or 100G l Ports with the Port Label from 50 52 54 and 56 40G or 100G 4 Configure the port type...

Page 22: ...Hardware Components Quantum Maestro Getting Started Guide 22 6 Examine the port configuration show maestro port Port ID qsfp mode show maestro port Port ID type...

Page 23: ...5 to 26 colored blue To these ports you connect your external traffic and internal traffic networks You use DAC or Fiber cables with transceivers 4 Downlink ports 27 to 47 colored orange To these port...

Page 24: ...tor Gaia Portal and Gaia Clish 5 RJ45 port labeled 1 through which it is also possible to configure the Gaia Operating System on the Quantum Maestro Orchestrator Gaia Portal and Gaia Clish 6 Reset but...

Page 25: ...capabilities 100 MbE to 1 GbE Notes n For more information see the l Quantum Maestro Quick Start Guide for MHO 175 and MHO 140 l Quantum Maestro Quick Start Guide for MHO 170 and MHO 140 n In MHO 140...

Page 26: ...Ports Quantum Maestro Getting Started Guide 26 Orchestrator Model Location of the MGMT Port On the front panel On the rear panel MHO 175 N A MHO 170 N A MHO 140 N A...

Page 27: ...ossible to connect to this interface an external USB storage device for software upgrade or file management Do not use excessive force when inserting or removing the USB storage device to and from the...

Page 28: ...trator Model Location of the RS232 Console Port On the front panel On the rear panel MHO 175 N A MHO 170 N A MHO 140 N A You use this port for initial configuration and debugging Use a Terminal applic...

Page 29: ...e proper ventilation to maintain good airflow at ambient temperature n Unless otherwise specified Check Point products are designed to work in an environmentally controlled data center with low levels...

Page 30: ...fan units in the same rack need to have the same air flow direction A mismatch in the air flow affects the heat dissipation in the rack Static Rail Kit for MHO 170 and MHO 140 The Quantum Maestro Orc...

Page 31: ...l kit Item Description A 2 x Rack mount rails B 2 x Rack mount blades that slide into the rack mount rails A C 8 x M6 standard cage nuts and 8 x M6 standard Phillips pan head screws D 4 x Phillips fla...

Page 32: ...head screws D to secure the rack mount rails A to the Quantum Maestro Orchestrator You must use at least two of these screws on each side n You use the cage nuts and Phillips pan head screws C to secu...

Page 33: ...Maestro Orchestrator to which you choose to attach the rails determines the Quantum Maestro Orchestrator s adjustable side The Quantum Maestro Orchestrator s part to which the blades are attached sho...

Page 34: ...ht cage nuts C in the desired 1U slots of the rack Notes n The red frame on the image denotes the Quantum Maestro Orchestrator inside the rack n Install four cage nuts on each side of the Quantum Maes...

Page 35: ...eft and right rack mount rails A to the left and right sides of the Quantum Maestro Orchestrator 2 Use the Phillips flat head screws D to secure each rack mount rail A to each side of the Quantum Maes...

Page 36: ...s supporting the Quantum Maestro Orchestrator perform these steps Step Instructions 1 Mount the Quantum Maestro Orchestrator into the rack enclosure 2 Attach the mount rail ears E to the rack s posts...

Page 37: ...nt blade ears F face the rack s posts correctly 2 Slide the rack mount blades B inside the rack mount rails A to fit your rack s depth 3 Attach the mount blade ears F to the rack s posts 4 Use the fou...

Page 38: ...nnection is established When a logical connection is made the relevant port LED lights up To remove a cable disengage the locks and slowly pull the connector away from the port receptacle The LED indi...

Page 39: ...Mounting the Quantum Maestro Orchestrator MHO 140 and MHO 170 in a Rack Quantum Maestro Getting Started Guide 39 MHO 140 Cable Orientation...

Page 40: ...If after five minutes the System Status LED is lit in red color unplug the power cords and contact Check Point Support 4 Check the status of the Quantum Maestro Orchestrator LEDs see LED Notification...

Page 41: ...GbE port into four 10 GbE ports see Splitting the Ports with Breakout Cables below Splitting the Ports with Breakout Cables In This Section Breakout Cables 41 MHO 175 Splitting Options 43 MHO 170 Spl...

Page 42: ...Connecting Cables to Quantum Maestro Orchestrators Quantum Maestro Getting Started Guide 42...

Page 43: ...colored green into four SFP28 ports In MHO 175 all port LEDs are located on the right side There are 32 LEDs that correspond to the 32 physical ports You can connect 1 to 4 breakout cables to physical...

Page 44: ...assign these interfaces to Security Groups Example When you connect a breakout cable to the top port 8 interface eth1 29 you get Port Number on the Front Panel Interface Name in Gaia OS Port Name in G...

Page 45: ...able to port 8 interface eth1 29 then in this LED indication mode 1 the port LED 8 shows the state of the interface eth1 29 Port 1 8 1 2 Only the second LED from the left is lit 2 Port LEDs show the s...

Page 46: ...ports each When the top odd ports 1 to 29 colored green are in split mode the corresponding bottom QSFP28 even ports 2 to 30 are disabled colored red Important It is not supported to connect a breakou...

Page 47: ...d After you connect breakout cables to the supported top ports you get four additional interfaces starting from the original interface name You assign these interfaces to Security Groups Example When...

Page 48: ...same site Diagram Important It is possible to connect only two Quantum Maestro Orchestrators of the same model see MBS 5038 Best Practice Connect cables to the same Uplink and Downlink ports on the tw...

Page 49: ...n 1 Network 1 connected to ports on the Networking Device 3 2 Network 2 connected to ports on the Networking Device 3 3 Networking Device router or switch that connects your Network 1 and Network 2 to...

Page 50: ...terface ethX MgmtY on a Quantum Maestro Orchestrator to different Security Groups The assigned Management port has a different IP address and a different MAC address in each Security Group to which th...

Page 51: ...ro Orchestrator 16 to the Security Appliance 30 20 A DAC cable Fiber cable with transceivers or Breakout cable that connects a Downlink port on the first Quantum Maestro Orchestrator 15 to the Securit...

Page 52: ...curity Group 1 contains l Applicable Uplink ports to which the cables 10 and 11 are connected l Security Appliances 30 and 29 l Applicable management port or split interface to which the Management Se...

Page 53: ...e Dual Port Card to a Downlink port on the first Orchestrator A 2 Connect a cable from Port 2 on the Dual Port Card to a Downlink port on the second Orchestrator B Connecting cables between Downlink p...

Page 54: ...ard to a Downlink port on the first Orchestrator A 2 Connect a cable from Port 3 on the Quad Port Card to a Downlink port on the first Orchestrator A 3 Connect a cable from Port 2 on the Quad Port Car...

Page 55: ...s only on this Bond interface 2 Configure a second Bond interface 5 on two slave ports This Bond interface connects Network 2 to the Quantum Maestro Orchestrators Configure the applicable settings so...

Page 56: ...tum Maestro Orchestrator 16 Perform these steps 1 With cable 19 connect a Downlink port in our example Port 18 to the applicable port on the first Security Appliance 30 in the Security Group 1 31 2 Wi...

Page 57: ...ps For more information that applies to MHO 175 see n Connecting to the Management Port with DAC or Fiber Cables n Connecting to the Management Port with Breakout Cables For more information that appl...

Page 58: ...he Bond interfaces in the Security Group 1 a Connect to the Gaia Operating System on the Security Group 1 b Configure a Bond interface on the applicable two slave Uplink ports in our example Port 1 3...

Page 59: ...C cable Fiber cable with transceivers or Breakout cable n The sections below provide a high level description Connecting to the Management Ports with DAC or Fiber Cables Important When you connect two...

Page 60: ...o assign the same Management port interface ethX MgmtY on a Quantum Maestro Orchestrator to different Security Groups The assigned Management port has a different IP address and a different MAC addres...

Page 61: ...o MHO 140 Quantum Maestro Getting Started Guide 61 Connecting to the Uplink Ports with DAC or Fiber Cables Example of a connection to default Uplink ports 5 to 26 Example of a connection to default Up...

Page 62: ...network 2 that communicates with production network 1 1 through a Security Group configured on the Quantum Maestro Orchestrator 6 A DAC or Fiber cable with transceivers connected to an Uplink port in...

Page 63: ...rted Guide 63 Connecting to the Uplink Ports with Breakout Cables Important It is possible to connect breakout cables only to the top ports 49 51 53 and 55 When the specific top ports are in a split m...

Page 64: ...Security Group 30 6 A Breakout cable connected to an Uplink port in our example Port 49 on the first Quantum Maestro Orchestrator 8 See Breakout Cables on page 41 Notes n This cable splits the Uplink...

Page 65: ...colored blue dash lines show connections to the second Quantum Maestro Orchestrator 12 n It is possible to configure some of the Downlink ports as additional Uplink ports See the Maestro Administrati...

Page 66: ...Connecting Cables to MHO 140 Quantum Maestro Getting Started Guide 66 Connecting to the Downlink Ports with DAC or Fiber Cables Example of a connection to default Downlink ports 27 to 47...

Page 67: ...able with transceivers connected to a Downlink port in our example Port 34 on the second Quantum Maestro Orchestrator 2 and to the applicable port on the Expansion Line Card on the Security Appliance...

Page 68: ...orts as additional Downlink ports See the Maestro Administration Guide for your version Chapter Configuring Security Groups Section Configuration Procedure Section Configuring Security Groups in Gaia...

Page 69: ...s to the ports on the Quantum Maestro Orchestrator s front panel the default configuration Important The Gaia Operating System on the Quantum Maestro Orchestrator does not let you configure the networ...

Page 70: ...8 1 3 eth1 09 Port 1 3 1 19 dl73 Port 1 19 1 4 eth1 13 Port 1 4 1 20 dl77 Port 1 20 1 5 eth1 17 Port 1 5 1 21 dl81 Port 1 21 1 6 eth1 21 Port 1 6 1 22 dl85 Port 1 22 1 7 eth1 25 Port 1 7 1 23 dl89 Por...

Page 71: ...Port 2 19 1 4 eth2 13 Port 2 4 1 20 dl77 Port 2 20 1 5 eth2 17 Port 2 5 1 21 dl81 Port 2 21 1 6 eth2 21 Port 2 6 1 22 dl85 Port 2 22 1 7 eth2 25 Port 2 7 1 23 dl89 Port 2 23 1 8 eth2 29 Port 2 8 1 24...

Page 72: ...Port 1 X X for the first Quantum Maestro Orchestrator l eth2 XX and Port 2 X X for the second Quantum Maestro Orchestrator n The tables above show the default configuration before you connect breakout...

Page 73: ...t 1 18 1 3 eth1 05 Port 1 3 1 19 dl37 Port 1 19 1 4 eth1 07 Port 1 4 1 20 dl39 Port 1 20 1 5 eth1 09 Port 1 5 1 21 dl41 Port 1 21 1 6 eth1 11 Port 1 6 1 22 dl43 Port 1 22 1 7 eth1 13 Port 1 7 1 23 dl4...

Page 74: ...dl37 Port 2 19 1 4 eth2 07 Port 2 4 1 20 dl39 Port 2 20 1 5 eth2 09 Port 2 5 1 21 dl41 Port 2 21 1 6 eth2 11 Port 2 6 1 22 dl43 Port 2 22 1 7 eth2 13 Port 2 7 1 23 dl45 Port 2 23 1 8 eth2 15 Port 2 8...

Page 75: ...1 X X for the first Quantum Maestro Orchestrator l eth2 XX and Port 2 X X for the second Quantum Maestro Orchestrator n The tables above show the default configuration before you connect breakout cabl...

Page 76: ...1 6 eth1 06 Port 1 6 1 34 dl34 Port 1 34 1 7 eth1 07 Port 1 7 1 35 dl35 Port 1 35 1 8 eth1 08 Port 1 8 1 36 dl36 Port 1 36 1 9 eth1 09 Port 1 9 1 37 dl37 Port 1 37 1 10 eth1 10 Port 1 10 1 38 dl38 Po...

Page 77: ...on the Front Panel Interface Name in Gaia OS Port Name in Gaia OS 23 eth1 23 Port 1 23 1 51 eth1 53 Port 1 53 1 24 eth1 24 Port 1 24 1 52 eth1 55 Port 1 52 1 25 eth1 25 Port 1 25 1 53 eth1 57 Port 1...

Page 78: ...ort 2 34 1 7 eth2 07 Port 2 7 1 35 dl35 Port 2 35 1 8 eth2 08 Port 2 8 1 36 dl36 Port 2 36 1 9 eth2 09 Port 2 9 1 37 dl37 Port 2 37 1 10 eth2 10 Port 2 10 1 38 dl38 Port 2 38 1 11 eth2 11 Port 2 11 1...

Page 79: ...rt 2 27 1 55 eth2 61 Port 2 61 1 28 dl28 Port 2 28 1 56 eth2 63 Port 2 63 1 Table Second MHO 140 ports and interfaces continued Notes n When you connect two Quantum Maestro Orchestrators MHO 140 for r...
