My notes on deploying Check Point CloudGuard IaaS solution on Azure

I was recently involved in an Azure deployment of the Check Point CloudGuard IaaS solution, so please allow me to describe some tips for future reference.

There may be various reasons for one to deploy a security solution like this in any public cloud infrastructure, the main one being that it usually fits the customer’s cloud security requirements better than the provider’s native ones – and there are a lot of them out there!

The other reason may be that you are already accustomed to managing a solution from that provider on your on-premises infrastructure and want to keep the ease of management in the way that you prefer most. Or even… You may just want different vendors to analyse and secure your cloud environments.


Azure P2S VPN routing caveats (with multiple VNet gateways)

I’ve recently worked with a customer that had an Azure Virtual Network Gateway in place to connect their remote workers (using native P2S functionality, supported under subnet 192.168.17.0/24) to both Azure and on-premises networks. Pretty usual setup, to be fair. Let’s say:

  • Virtual Network Gateway
    • Name: vpngwA
    • Virtual Network: vnetA (172.16.0.0/16)
  • Local Network Gateway
    • Name: lngwA
    • Remote Network: 192.168.0.0/24 (using S2S connection named “s2sA”)