Support Center > Search Results > SecureKnowledge Details
Using Custom Data to execute an initialization script when you launch your Check Point Security Gateway in Microsoft Azure Technical Level


It is now possible to create an initialization script that would be executed the first time you launch your Check Point Security Gateway instance in Microsoft Azure.
This initialization script can be used to set operating system configuration and to automate the Security Gateway's provisioning process.


It is assumed that the reader is familiar with general Microsoft Azure concepts and services.


When you launch an instance in Microsoft Azure, you can optionally pass your own custom data to it. The Check Point Security Gateway treats this data as an initialization script. This script can be used to modify operating system settings, as well as to replace the First Time Configuration Wizard configuration process.

Note: If no custom data is supplied at boot time, the machine will boot normally and you would need to complete its configuration manually.


Known Limitations

  • This feature is available starting from R77.30.

Configuration Flow

When the Check Point Security Gateway launches for the first time, it fetches the custom data from Microsoft Azure.

The Security Gateway saves the custom data to a temporary script file and then executes it. The output of the script is redirected to /var/log/cloud-user-data file.

Note: The script would only be executed when the instance boots for the first time.



Create your own initialization script to be executed when the instance first launches.

You can use the following script as an example:


clish -c 'set hostname HOSTNAME' -s

config_system -s 'install_security_gw=true&install_ppak=true&install_security_managment=false&ipstat_v6=off&ftw_sic_key=SIC_KEY'

shutdown -r now


Variable Usage
HOSTNAME The host name.
SIC_KEY Secure Internal communication key - a one-time key used to set up trust with Security Management Server.

This script:

  • Sets the host name
  • Uses the config_system utility to automate the First Time Configuration Wizard process
  • Reboots the instance to complete the installation

Pass the script to Microsoft Azure, when you launch the instance, as explained in Custom Data and Cloud-Init on Microsoft Azure article.

Additional Information and Resources



The output of the script is saved to the /var/log/cloud-user-data file.

This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document