Checkpoint Firewall - Specifications

Overview

This part describes the specifications for deploying the Checkpoint Firewall.
This VNF is based on the CloudGuard image and provides Firewall functions. Supported deployment modes: single and dual.

Flavors

The available sizes of flavors for this VNF are shown below. These depend on the software images selected.

Flavors table for Checkpoint Firewall
	Standard	DPDK
Small	2 vCPU 4 GB Mem	2 vCPU 4 GB Mem
Medium	4 vCPU 8 GB Mem	4 vCPU 8 GB Mem
Large	8 vCPU 16 GB Mem	8 vCPU 16 GB Mem

In case of dual topology, a flavor can be selected for each virtual device making up a Virtual Network Edge.

Interfaces

The interfaces available are listed below:

Interface 1: Internet/Public interface with a Public IPv4 address (ip_address_1_global_1).
Interface 2: MPLS interface used to connect to Orange MPLS VPN via VLAN sub-interfaces (101 to 108).
For each VLAN sub-interface:
- VPN list (1..99 items):
  - VPN Name
  - VPN role: any-to-any, client, server
- BGP:
  - Enable/Disable BGP
  - AS prepend (integer 1..6)

Software device versions

Below are the software image versions available for this VNF on Orange SuperPop.

Cloudgard_Checkpoint_R81.20
Cloudgard_Checkpoint_R81.20_DPDK

Service specific parameters

VM AS number (2 or 4 bytes)
Disk size
Admin password
Maintenance password
SIC KEY

Licence

Only Bring Your Own Licence (BYOL) type is supported for Fortinet SDWAN. You need to purchase your software licence with Fortinet sales.

Security group

No default security group configured for Fortinet VNE model.

Overview​

Flavors​

Interfaces​

Software device versions​

Service specific parameters​

Licence​

Security group​