cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Doeschi
Nickel

R80.10 MDS on HP ProLiant Gen10

Jump to solution

Hi all,

I've been odering new servers for our Check Point MDS to migrate to R80.10. Unfortunaly, I missed to check the HCL first and received HP ProLiant 380 Gen10 Servers. As you can imagine, the GAiA installation process fails when trying to access the disks, which is a RAID-1 of 2x 480 GB SSDs. Has anyone managed to install GAiA on such a platform?

UEFI Boot is disabled, Hyperthreading is disabled, x2APIC is disabled and USB 3.0 you can't disable, but start the installation with the 'nousb' kernel option.

Regards

Roger

1 Solution

Accepted Solutions
Doeschi
Nickel

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

We've been upgrading to R80.20 last week on our production MDS which now (finally) runs natively on a HP ProLiant DL380 Gen10 Server. And everything with SSD RAIDs, those servers are monsters, performance-wise. MDSs and MLMs were never that fast before.

10 Replies
Danny
Pearl

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

You don't really want to run a critical IT-security component in your infrastructure, like your new Multi-Domain Security Management (MDSM), without vendor support, don't you? So forget to try installing GAiA directly on your new HP servers which causes a loss of Check Point support. Install VMware ESXi 6.5 instead and run MDSM as a VM host, which is supported via Check Point's HCL.

Doeschi
Nickel

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

Hi Danny,

I've actually been doing that in the last 3 days and managed to get it running with all the fiddling about larger disk partitions. Check Point really should improve the installation routine to support better hardware (HP Gen10 Servers with UEFI Boot as well as USB 3.0+ and HD Partitions bigger than 2TB)

Thanks & regards

Roger

0 Kudos
Danny
Pearl

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

Check Point is actually doing this as you can read here. The new Linux kernel has a lot of newer drivers already linked in thus allowing for newer servers to be supported soon.

0 Kudos
Doeschi
Nickel

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

Must have missed that, thanks for the info.

0 Kudos
Vladimir
Pearl

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

I agree with Danny.

There are another issues you are looking at: lack of support for SSDs and hyperthreading in current iteration of Gaia.

Taking ESXi route will allow you to not only create a supported abstraction layer, but will make your MDS portable and give you an opportunity to use VMware snapshots.

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

I had the same issue with a customer that bought these appliances (gen9) for install a new r80.10 management server. Finally I had to pass the bios to legacy mode, this disabled the raid driver property of hp, and enable of "sata ahci support", after that install the gaia iso using the 2 hard drives without raid.

These sk were useful for me:

sk87704,sk108200

I hope this helps..

Vladimir
Pearl

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

I am not sure if this is a good option. You are chancing CP's ire on HCL issue, losing RAID on business critical system and, if your drives are SSDs, bound to encounter performance deterioration.

Sandwiching the ESXi between unsupported hardware and Gaia solving these issues with the benefits described above.

0 Kudos

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

This hardware was a customer choice, not mine  

0 Kudos
Doeschi
Nickel

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

I have a pair of MLMs running on G9 Servers and 2 different RAID setups without problem. But unfortunately the Gen10 Servers changed a lot...

0 Kudos
Doeschi
Nickel

Re: R80.10 MDS on HP ProLiant Gen10

Jump to solution

We've been upgrading to R80.20 last week on our production MDS which now (finally) runs natively on a HP ProLiant DL380 Gen10 Server. And everything with SSD RAIDs, those servers are monsters, performance-wise. MDSs and MLMs were never that fast before.