Template: 4 Days Check Point to Juniper Firewalls Migration

The estimated reading time for this post is 1 minutes


4 Days Juniper Firewalls Consultancy

 Scope of work

  • Install 2x Juniper SSG320M in first site
  • Replace existing Check Point firewalls with Juniper appliances
  • Install 1x Juniper SSG320M in second site
  • Configure VPN between sites
  • Configure for Remote Access with NCP client


  • Days 1 & 2– Configure Appliances ready for initial deployment
  • Day 3 – Complete Configuration of  Appliances & deploy to sites
  • Day 4 – Configure for Remote Access with NCP client


Initial Build

  • Full access to SSG320M Firewalls
  • Access to view current Check Point Configuration
    • Network configuration
    • Firewall policies
    • NAT rules
    • VPN setup
  • Build Environment to be available to configure Juniper appliances
  • Juniper Configuration to mimic Check Point configuration
  • Preshared key VPN to be configured between sites

Live deployment

  • Downtime required to deploy Juniper devices
  • Access to both firewalls required when deploying appliances (either remote or local access)
  • Surrounding switches/routers ARP tables may need clearing when deploying Juniper in place of previous Check Point appliances – either by:
    • CLI Access
    • reboot

Remote Access

  • Customer to have purchased NCP Secure Client – Juniper Edition
  • Customer device available to configure & test VPN connection
  • If Certificate based User Authentication required:
    • Certificate Authority to be already configured to issue certificates to Remote access users
    • Certificates to be issued to User Devices

Outside Scope

  • Any Other work outside of scope