Maximum Physical Interface on CPFW

[erwinerwinerwin]

Hi all,
we're planning to use checkpoint firewall on an open-server (preferable) or any platform and probably we're gonna use up to 24 port gigabit ethernet interface, is there any suggestion regarding any server that possible to use (and preferably on checkpoint certified hardware list).

Thanks

[chillyjim]

I don't know of any open-server that support 24 interfaces.
The Crossbeam's will support it, but that's still a lot of interfaces for one firewall.

[Adam Carter]

So you need 6 slots with quad gig eth cards. How about an HP DL580 G4/G5 (check the compatibility tho).
Check Point Software: Hardware Compatibility List -

Also check other vendors offerings in the 4-6 RU range. Boxes that size usually have plenty of slots.

But - have you thought about 802.1q trunks instead?

[lammbo]

Yeah, what they said... That's a lot of physical interfaces, you should use sub-interfaces and 802.1q tags to support more networks. This is a very common setup and very easy to do in SPLAT. I'm recommending you go with a DL-380 with 3 Quad-port Intel cards, this is what I have been using for a few years now without issue.

I always use the 2 built-in ports as a single network. 1 For external and the other for HA SYNC. I divide the Intel ports up into multiple segments to keep things nice and clean.

Always remember to check the latest HCL for compliance before buying.