Support Center > Search Results > SecureKnowledge Details
Network Access with Harmony Connect Technical Level
Solution
Note: This feature is at Early Availability. To request this capability, please fill up this form.

Check Point's Harmony Connect provides secure access and prevents threats for anyone, anywhere, going to the Internet and to corporate applications.

Customers can connect their corporate access to Check Point's Harmony Connect by deploying a Connector at each of their corporate data centers or cloud networks. The Check Point Connector is a lightweight software that automatically creates tunnels to Check Point's Cloud and provides access to corporate applications for the connected branch sites and remote users.

Current product limitations (while in EA):
  1. Windows client only supported, client UI will be released before GA 
  2. Current product supports both internet access and VPNaaS operation. Internet Access cannot be disabled at the moment, it will be supported before GA. 
  3. Connector is supported over Ubuntu 18.04 and 20.04

To add a connector:
  1. Navigate to Assets > Sites.
  2. Add a new site of type Data Center & Cloud Networks
  3. When the site is ready, click View Instructions to get the connector configuration instructions
The connector requires outbound-only access from the host that runs the connector to the Internet, on selected ports that appear in the configuration instructions. It is recommended to have the target destination set to the Internet, however, if you wish to limit the destinations to a closed list, please use all of the below:

1. DNS Traffic at Check Point's Cloud

  1. EMEA address
    grpc-prod-eu.connect.checkpoint.com
  2. Americas address
    grpc-prod-us.connect.checkpoint.com
  3. APAC address
    grpc-prod-apac.connect.checkpoint.com

2. Port 444 Traffic at Check Point's Cloud

  1. EMEA addresses 
    3.124.53.177
    3.126.203.189
  2. Americas addresses 
    35.164.242.69
    54.203.237.188
  3. APAC addresses 
    13.124.32.124
    15.165.101.61

3. Branch Office Cloud Locations

For each connected branch office, Check Point provides two or more tunnel addresses.

To get the tunnel addresses of each branch:

  1. Navigate to Assets > Sites.
  2. Click a branch site's menu and select View Instructions to get the connector configuration instructions
  3. Copy the tunnel addresses from the instructions.
Alternatively, you can use the show-sites API command at Harmony Connect API.
Do this for each of the branch offices. When you add more branch offices, make sure to copy these destinations and apply them as outbound destinations for the host that runs your connectors.

4. Remote Users Cloud Locations

For connected remote users, you can select one or more Cloud Locations:
  1. Navigate to Assets > Users & Devices.
  2. Click  Cloud Locations.
Check Point provides several addresses for each cloud location. These addresses are dynamic and can vary between customer accounts. If you need to get the exact addresses used by your Infinity Portal account, you can request these with a support ticket for Check Point Harmony Connect. Please mention your Account ID as seen on Global Settings > Account Settings.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment