Checkpoint 156-315.81 Exam With Confidence Using Practice Dumps

Security Gateway Clusters in Load Sharing mode are not supported by the Central Deployment feature in R81.20 SmartConsole. According to the Check Point R81.20 Known Limitations article1, Central Deployment in SmartConsole does not support:

• Connection from SmartConsole Client to the Management Server through a proxy server. In this case, use the applicable API command
• ClusterXL in Load Sharing mode
• VRRP Cluster
• Installation of a package on a VSX VSLS Cluster that contains more than 3 members.
• On Multi-Domain Servers: Global Domain, or the MDS context
• Standalone server
• Standby Security Management Server or Multi-Domain Security Management
• Scalable Platforms 40000 / 60000
• SMB Appliances

The other options are supported by the Central Deployment feature in R81.20 SmartConsole. Dedicated Log Server, Dedicated SmartEvent Server, and Security Gateways/Clusters in ClusterXL HA new mode can be selected as targets for installing packages using the Central Deployment wizard.

To simplify security administration when working with multiple Security Gateways enforcing an extensive number of rules, you would choose to create a separate Security Policy package for each remote Security Gateway. A Security Policy package is a set of rules and objects that can be assigned to one or more Security Gateways. This allows you to manage different policies for different gateways from the same Management Server1. The other options are either not effective or not feasible for simplifying security administration. References: Check Point R81 Security Management Administration Guide

The traffic is handled by the Accelerated Path. According to the R81.x Security Gateway Architecture (Logical Packet Flow)1, the Accelerated Path is the fastest path for processing packets, as it bypasses most of the inspection and uses SecureXL to accelerate the traffic. The Accelerated Path is used for connections that are established, compliant with the security policy, and do not require any content inspection or NAT1.

The Application Control blade inspects the traffic based on the application identity, which is determined by the Application Control Software Blade in the Medium Path1. However, once the application identity is established, the connection can be offloaded to SecureXL and handled by the Accelerated Path2. This way, the Application Control blade can improve performance and reduce CPU consumption2.

The other paths are not used for this traffic because:

• The Slow Path is used for packets that are not compliant with the security policy, require stateful inspection or NAT, or are not supported by SecureXL1. This path involves the most inspection and processing, and is therefore the slowest3.
• The Fast Path is used for packets that are trusted and do not require any inspection or NAT. This path bypasses both SecureXL and the Firewall kernel, and uses a kernel module called simfast to forward the packets directly to the network interface driver4. This path is not enabled by default, and requires manual configuration of rules to define which traffic can use it4.
• The Medium Path is used for packets that require content inspection, such as IPS, Anti-Virus, Anti-Bot, URL Filtering, or Application Control1. This path uses SecureXL to accelerate some parts of the inspection, but still involves some processing by the Firewall kernel3. This path is only used for the first few packets of a connection until the application identity is established, and then the connection can be offloaded to the Accelerated Path2.

References: : Control SecureXL / CoreXL Paths - Check Point CheckMates : What is CoreXL & SecureXL – jermsmit.com : R81.x Security Gateway Architecture (Logical Packet Flow) : SecureXL and Application Control Layer - Check Point CheckMates