cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
BLD
Nickel

Migrate from AWS vSEC R80.10 to R80.30

Jump to solution

We have been using vSEC R80.10 succesfully in AWS. One instance with both gateway and management.

We got a notice that it will no longer be supported so we got the new R80.30 AMI from the AWS Marketplace.

We activated our licenses but it seems the new AMI does not include the management server. It says in the marketplace description:

"This BYOL distributed security gateway is managed from a central Security Management Server, which provides consistent security policy management, enforcement, and reporting AWS and hybrid deployments within a single pane of glass. The Security Management Server is not included in this offering. Please choose one of the CloudGuard IaaS Security Management offerings in AWS Marketplace."

Does this mean we now have to runt TWO EC2 instances instead of one?  This would double operating costs.

Any help to clarify this will be greatly appreciated.

 

 

0 Kudos
1 Solution

Accepted Solutions
Admin
Admin

Re: Migrate from AWS vSEC R80.10 to R80.30

Jump to solution
You are correct.
The R80.20 and R80.30 AMIs are either management OR gateway images that don’t support standalone installation.
We plan to support this again in R80.40.

In the meantime, you can continue to use your R80.10 instance.
We are removing it from the marketplace for new installs, but you can continue to use your existing instances.
4 Replies
Admin
Admin

Re: Migrate from AWS vSEC R80.10 to R80.30

Jump to solution
You are correct.
The R80.20 and R80.30 AMIs are either management OR gateway images that don’t support standalone installation.
We plan to support this again in R80.40.

In the meantime, you can continue to use your R80.10 instance.
We are removing it from the marketplace for new installs, but you can continue to use your existing instances.
BLD
Nickel

Re: Migrate from AWS vSEC R80.10 to R80.30

Jump to solution

Tech support could not figure this one out for about 10 days.
It is a change which is somewhat difficult to understand as it doubles the operating cost for clouds which only require a single firewall.  Even if one operates different sites or clouds, as in our case, we try to avoid dependencies between sites and therefore prefer that each site have its own manager.
So we will now have to deal with R80.30 in physical sites, where we use Open Server, and with R80.10 in AWS...

Not a huge deal, but an unwelcome mix.

Thanks very much and best regards!

0 Kudos
Employee+
Employee+

Re: Migrate from AWS vSEC R80.10 to R80.30

Jump to solution

Why? Its “transition” ...

more explanations:  In the past we supported AWS w regular Gaia but there are many limitations (all resolved w new linux 3.10 Gaia). So as of R80.20 the AWS is based on the 3.10 kernel which is GW (the management support of new gaia exist for a while but not integrated w this special gw branch). As of R80.40, the new 3.10 gaia is the only version and supports all modes and that ends the transition period. 

Solution: R80.40 is in early availability now and if you are interested, we can add you to the program. So if you do not want to change your configuration (split mgmt and gw), you should use R80.40 in EA or wait for GA... The GA, it is expected around the new year of 2020 so its not far off.

 

0 Kudos
BLD
Nickel

Re: Migrate from AWS vSEC R80.10 to R80.30

Jump to solution

Hi Dorit.

Thanks for the explanation and suggestions.

To avoid multiple transitions, I think it will be best to allow the short wait until GA of R80.40 to make the transition in AWS (if hopefully it will also allow importing the R80.10 configuration as R80.30 does).

When this is done and stable we will upgrade our R80.30 open server environment to R80.40 as well.

Regards from Madrid!

 

 

0 Kudos