> ## Documentation Index
> Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Check Point Security Gateway

> Overview of integrating Vectera Plus HSM with Check Point Security Gateway using PKCS #11.

This document provides information on configuring Vectera Plus HSMs with **Check Point Security Gateway** by using PKCS #11 libraries. For additional questions related to your HSM, see the relevant administrator’s guide.

## Application description

Check Point Security Gateway uses an HSM for outbound HTTPS Inspection.

The HSM holds the following objects for outbound HTTPS Inspection:

* The **Certificate Authority (CA) certificate** (certificate buffer + key pair). The administrator creates the CA certificate and key pair before configuring the Security Gateway to work with an HSM.
* **Two to three RSA key pairs** for fake certificates. The system creates these keys when you initialize the HTTPS Inspection daemon on the Security Gateway with 1024-bit, 2048-bit, or 4096-bit length.

## Guardian integration

The Guardian Series 3 introduces mission-critical viability to core cryptographic infrastructure, including:

* Centralization of device management
* Elimination of points of failure
* Distribution of transaction loads
* Group-specific function blocking
* User-defined grouping systems

See the applicable guide in the Futurex Portal for configuring HSMs with the Guardian Series 3, including PKCS #11 and CNG configuration.
