If not, configure them today! We in Professional Services have been involved in several cases during the last 12 months or so where our customer has lost their management server and had no backups. While we do have some recovery tools, getting everything back as it was using files from a gateway is never 100% guaranteed. It's also a very time-consuming task.
Having daily or weekly backups of your management server is the best thing you can do to keep your security infrastructure functioning even in the event of catastrophic events.
Agree 100%. We do at least weekly, but for a few customers even daily fw/mgmt backups.
Does the scheduled backup in Maintenance > System Backup contain the management database?
I'm pretty positive it does, and here is the reason I say that... 2 years ago, don't ask me why and how this happened, and we even had a TAC case, went to escalations and no one could figure it out... we had a customer and one day, out of the blue, they can't log into smart console. We did a bunch of troubleshooting, did cpstop/start, reboot, nothing... cpm would simply never come up. After some time, TAC discovered that some database files were "missing", but no one knows why that happened... thank God we had a backup, and after restoring, we reinstalled the same jumbo and bam, back in business.
Same question as @Chiko_Phiri
- for a single management system, is that applicable backup to rebuild a Smart-1 appliance?
- for a single management system virtual machine (VMware ESXi), what would be the recommended backup or schedule cadence with the considerations of VM snapshots being possible?
- For HA management (two Smart-1 appliances in different geo-locations), what would be the recommendations and schedule cadence knowing the odds of failure of both appliances is lessened?
Really glad this subject came up, as I was literally discussing with some co-workers last week what some best practices for management are.
Check the SK I pasted above for details.
System backup is enough to restore the applicable server. However, you would still need to install Gaia OS to the same Jumbo Hotfix level as previously. Snapshot also backs up the binaries, but system backup does not.
When it comes to backing up the secondary management server, you can always synchronize it with the primary. Even if you have an older snapshot or just a clean installation of the secondary server, you can sync it with the primary. However, in large environments I would back up both with the same cadence, as having up-to-date backups from both would speed up the restoration process.
This procedure assumes that you have the files. Many of the customers I have worked with had nothing other than a gateway. 🙂
Tell me about it lol
Actually, I sometimes use the gateway as SCP recipient of SMS backups. They have plenty of space in /var/log, are often in the same management space as the gateways and are more reliable than an external file server shared with other services. Just remove older backups every now and then.
Yeah - but I am keen to know about that advanced part about getting rules back from just files. I mean, that would be interesting.
Not just that, I am afraid. This procedure is for R77.x and below.
It does. Refer to the following SK for a comparison between different backup methods.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Undoubtedly - we prefer once weekly and even a migrate export once a month, just to be doubly sure.
Does Check Point recommend or support any cloud-native (Azure Backup and/or AWS Backup) method for the management servers? Restoring an MDS backup in Azure has been... an experience.
I have 2 mgmt servers in AWS, I manually do a migrate_server export twice a week on both of mine and copy them out to a server.
When we migrated from R80.30 to R81.10, that is how we moved the db from one version to another.
That is indeed the supported method CP recommends for Azure/AWS as well.
My experience has not been so pleasant. Our MDS is heavy and, due to different "events", we had to restore a new VM, import the backup, move the public IPs... and a long etc. (THANKS CheckPoint support team!).
But I wonder, if we have simple VMs with the MDS (primary and secondary), would it be possible to perform snapshots with the native services?
The problem with using these backups is that you may end up with a backup in an inconsistent state.
Which is why they are only recommended to use when the VM is powered down.
Otherwise, it's better to use one of the official Check Point methods for backup.
@Lari_Luoma, I will make a bold suggestion for Check Point to introduce built-in flash drives in their management server appliances, to which the backups will be performed automatically, by default, without any user input.
Who knows, the ROI may just justify it :)