Check Point ElasticXL
ElasticXL is a new clustering technology in Check Point R82 designed to simplify operations and enhance performance for scalable security gateways. It introduces a Single Management Object (SMO), where one gateway acts as a “pivot” member that automatically synchronizes configuration and software across all other cluster members.
Installation
To enable ElasticXL, devices need to be in clean install state, and then we can enable ElasticXL on initial setup on the First node of the cluster.
On the Gaia Portal, the platform now says ‘Check Point ElasticXL’
Add the device to SmartConsole as a gateway object, not as any cluster object
And now we have a running ElasticXL cluster with only 1 device
Adding Cluster Members
To add cluster member, all we need to do is install R82 on the security gateway, we don’t even need to run the first installation wizard
The new member should show up as Pending Gateway on the first node
Add it to existing site
ElasticXL supports a maximum of 3 Cluster Members on each site
On SmartConsole side, it doesn’t really aware about this cluster, all it knows is there’s only one gateway registered, even though actually it is a cluster with 3 members behind it. This is what Check Point calls SMO (Single Management Object)
There’s also a new tool called Insights that can be run on clish, this gives us information regarding the cluster
If there’s a failure on the member 01, the next member will take over as the role of managament
The filure event is also shown on the Insights
If we bring back member 01 up, it’ll automatically take over the management role again
In ElasticXL, one “Pivot” gateway acts as the entry point for all network traffic, receiving incoming connections. It then intelligently distributes these connections across all active ElasticXL cluster members using an internal distribution matrix, similar to Maestro. So effectively its a load sharing active-active configuration. To see which member handles the traffic, there’s a ConnView Tool on the Insights
