You have a Geo-Protection policy blocking Australia and a number of other countries. Your network now requires a Check Point Firewall to be installed in Sydney, Australia.
What must you do to get SIC to work?
A.
Remove Geo-Protection, as the IP-to-country database is updated externally, and you have no control of this.
B.
Create a rule at the top in the Sydney firewall to allow control traffic from your network
C.
Nothing - Check Point control connections function regardless of Geo-Protection policy
D.
Create a rule at the top in your Check Point firewall to bypass the Geo-Protection
Nothing needs to be done to get SIC to work if there is a Geo-Protection policy blocking Australia and a network requires a Check Point Firewall to be installed in Sydney, Australia. SIC stands for Secure Internal Communication, and it is a mechanism that ensures secure and authenticated communication between Check Point components by using certificates issued by an internal Certificate Authority (ICA). SIC is not affected by Geo-Protection policy, which is a feature that allows administrators to block or allow traffic based on the geographic location of the source or destination IP address. Geo-Protection policy only applies to data traffic, not control traffic, and SIC uses control traffic to establish trust between Check Point components.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit