EasyManua.ls Logo

Quantum CHECK POINT SPARK 1500 Series - User Manual

Quantum CHECK POINT SPARK 1500 Series
300 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
Loading...
Models: V-80, V-80W, V-81, V-81W, V-81WL, V-81WD, V-81R, V-81WLR, V-82, V-83 [Classification: Protected]
12 April2022
QUANTUM SPARK 1500,
1600 AND 1800
APPLIANCE SERIES
R80.20.40
Locally Managed
Administration Guide

Table of Contents

Question and Answer IconNeed help?

Do you have a question about the Quantum CHECK POINT SPARK 1500 Series and is the answer not in the manual?

Quantum CHECK POINT SPARK 1500 Series Specifications

General IconGeneral
BrandQuantum
ModelCHECK POINT SPARK 1500 Series
CategoryNetwork Hardware
LanguageEnglish

Summary

Quantum Spark 1500, 1600 and 1800 Appliance Series Overview

1500 Appliances

Overview of the 1500 appliance series, including models and capabilities.

1600 and 1800 Appliances

Overview of the 1600/1800 Security Appliances, capabilities, and management.

Getting Started

Setting up the Quantum Spark Appliance

Step-by-step instructions for physical setup and initial cable connections of the appliance.

First Time Deployment Options

Describes various methods for initial deployment and configuration of the SMB gateways.

Configuration and Upgrade Scenarios

Configuring Cloud Services

Steps to connect the appliance to Cloud Services for centralized management and monitoring.

Configuring a Guest Network

Guide to setting up a guest network with hotspot functionality for controlled access.

Configuring VPN

Configuring Remote Access VPN

Instructions for setting up remote access VPNs using various client options and authentication methods.

Configuring Site to Site VPN with a Preshared Secret

Steps to establish secure VPN tunnels between sites using a pre-shared secret for authentication.

Configuring Site to Site VPN with a Certificate

Steps to establish secure VPN tunnels using certificates for authentication between sites.

Managing Clusters

Procedures for setting up a cluster of two appliances for high availability and redundancy.

Configuring QoS

Steps to configure Quality of Service (QoS) policies for bandwidth management.

Appliance Configuration

The Home Tab

Overview of the Home tab in the WebUI, including system information and connection monitoring.

Controlling and Monitoring Software Blades

How to enable, disable, and monitor the status and statistics of installed software blades.

Setting the Management Mode

Configuration options for managing the appliance locally or centrally via a Security Management Server.

Configuring Cloud Services

Steps to connect the appliance to Check Point Cloud Services for management and monitoring.

Managing Licenses

Process for activating and managing appliance licenses for software blades.

Managing Active Devices

Displaying and managing devices identified in internal networks, including blocking and object creation.

Viewing Monitoring Data

Accessing network, security, and troubleshooting information and statistics through the Monitoring page.

Using System Tools

Utilizing various system tools for monitoring resources, network, and generating diagnostic files.

Managing the Device

Configuring Internet Connectivity

Steps to configure single or multiple internet connections, including WAN, DMZ, LAN, and cellular options.

Configuring Wireless Network

Setting up and managing wireless networks, including guest networks, VAPs, and wireless schedulers.

Configuring the Local Network

Configuration of local network connections, switches, bridges, VLANs, and alias IPs.

Configuring High Availability

Procedures for creating and managing clusters of appliances for high availability and redundancy.

Advanced Settings

Accessing and configuring advanced settings for various blades and system components.

Managing the Access Policy

Configuring the Firewall Access Policy and Blade

Setting up the default access policy, including firewall rules, application control, and user awareness.

Firewall Policy

Defining the default access policy modes (Strict, Standard, Off) and configuring outgoing services.

Application & URL Filtering

Defining how to handle applications and URL categories, including blocking security risks and inappropriate content.

User Awareness

Enabling and configuring User Awareness for user identification, logging, and policy enforcement.

Working with the Firewall Access Policy

Managing the Firewall Rule Base, creating, editing, and deleting rules for traffic inspection.

Defining Firewall Servers

Creating, editing, and deleting server objects for access and NAT policies.

Defining NAT Control

Configuring NAT for outgoing traffic, including Hide NAT and manual NAT rules.

Inspecting VoIP Traffic

Configuration

Steps to configure VoIP inspection, including SIP provider settings and on-premise devices.

Managing Threat Prevention

Configuring Threat Prevention Blade Control

Activating and configuring IPS, Anti-Virus, Anti-Bot, Threat Emulation, and Anti-Spam blades.

Configuring Threat Prevention Policy Exceptions

Creating exception rules to bypass SSL inspection for specific traffic handled by IPS and malware engines.

Advanced Threat Prevention Engine Settings

Configuring advanced settings for IPS, Anti-Virus, Anti-Bot, and Threat Emulation engines.

Configuring the Anti-Spam Blade Control

Activating and configuring the Anti-Spam engine to block or flag spam emails based on source or content.

Managing VPN

Configuring the Remote Access Blade

Setting up secure encrypted connections for remote access using VPN clients or SSL Network Extender.

Configuring the Site to Site VPN Blade

Activating and configuring VPN tunnels for secure site-to-site connectivity.

Managing Trusted CAs

Adding, editing, and exporting Certificate Authorities (CAs) for VPN and WebUI certificates.

Managing Installed Certificates

Creating, managing, and uploading appliance certificates for VPN, SSL VPN, and Web portal.

Managing Internal Certificates

Viewing and reinitializing internal VPN certificates and managing the internal CA.

Managing Users and Objects

Working with User Awareness

Enabling and configuring User Awareness for user identification, logging, and policy enforcement.

Configuring Local Users and User Groups

Creating and managing local users and user groups for access policy and remote access permissions.

Configuring Local and Remote System Administrators

Managing local and remote administrators, roles, session timeouts, and QR code generation.

Managing Authentication Servers

Defining RADIUS and Active Directory servers for user authentication and access.

Managing Applications & URLs

Defining application groups, custom applications, and URLs for use in the access policy.

Managing System Services

Adding, editing, and deleting system services and network protocols for security policy and routing.

Managing Network Objects

Creating, editing, and deleting network objects like IP addresses, ranges, networks, and domains for policy definition.

Logs and Monitoring

Viewing Security Logs

Accessing and searching the last 100 security log records, with options to refresh and stop logging.

Storing Logs

Configuring local and external storage for logs, including SD card formatting and log deletion.

Viewing System Logs

Accessing system logs for troubleshooting, viewing event types, and downloading or saving log snapshots.

Configuring External Log Servers

Setting up external log servers for security and system logs, including Check Point Log Server and Syslog configuration.

Viewing VPN Tunnels

Monitoring current VPN tunnels, their status, and configuration details.

Viewing Active Connections

Displaying a list of all active network connections, including protocol, source, and destination details.

SNMP

Configuring SNMP settings, users, traps, and trap receivers for network monitoring and alerts.

Advanced Configuration

Upgrade Using a USB Drive

Instructions for upgrading the appliance firmware using a USB drive without a console connection.

Upgrade Using an SD Card

Steps to upgrade firmware or auto-configuration files using an SD card on specific appliance models.

Restoring Factory Defaults

Restoring the appliance to its factory default image and settings via WebUI, Boot Loader, or back panel button.

RESTful API

Enabling and disabling the REST API

Commands to enable or disable the REST API on the gateway via Gaia Clish.

Request Structure

Details on HTTP POST requests, including URL format, default port, and required headers.

Response Structure

Information on success and failure response structures, including HTTP status codes and JSON content.

REST API Commands

Details on common REST API commands like Login, Logout, Generate-Report, and Run-Clish-Command.

Related product manuals