This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Andy_N
Contributor
‎2018-03-15 11:20 PM

Restore from backup

Hi,

I’m testing restoring Checkpoint form backup and faced with some issues.

I’ve got an old snapshot and actually backup of management server (MS).

I tried to revert MS from snapshot, install all hotfixes and after restore from backup (performed by Gaia ).

After all operations have been completed I noticed that security policy not been restored.

Policy was as in snapshot, not as in actually backup.

 

What do I wrong?

System is R80.10

 

Regards

6 Replies
G_W_Albrecht
Legend Legend
Legend
‎2018-03-16 01:58 AM

Nearly everything we need to know about Backup on GAiA can be found here: Best Practices - Backup on Gaia OS  

Seems that the "Backup" you used has been corrupted, as it should contain the latest system configuration with all recent network and security configuration. For SMS i find that migrate export is the most convenient backup method.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Gaurav_Pandya
Advisor
‎2018-03-16 06:04 AM

Hi,

You can check the logs during import of snapshot, may be you can get something which is helpful to troubleshoot further.

As suggested by Gunther, migrate export method is the best and most effective one.

0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2018-03-19 10:18 AM

I believe the OP is referring to the fact that the restore of a backup on the gateway itself does not automatically bring back the last installed security policy, and a reinstall of policy from the SMS to the gateway is necessary to get traffic flowing again.  I'd say this is expected behavior, since a backup only has "configuration" data stored in it, not "state" data such as the last installed policy.

However upon revert of a snapshot on a gateway, it brings everything back including the state of the gateway's installed policy since a snapshot is essentially a full image of the system minus firewall logs.

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Nicholas_Sherid
Contributor
‎2018-12-02 02:17 AM
In response to Timothy_Hall

Hi guys,

I have automated by deployment of my management system, with the setting of a password from retrieval from the password vault and I can bring stand up a new managent platform in about 15 mins or so which I am happy about, but I really wanted to automate the patch installation and either snapshot recovery so I can basically redeploy the management platform from the last known good image in one touch, ideally having a option to choose what version you wanted to restore.  I'd rather not troubleshoot and just redeploy.   

I guess the snapshot restore would include the patches and stuff so ideally I'd like archive off snapshots to independant storage and add a restore of the snapshot to my deployment scripts.  The net effect being I can basically end up version controlling the management system.  Is there any special handling on snapshots we need to be aware of - I assume you can transfer the snapshot onto remote storage, then move it back to a new system and recover right?

Also the gaia gui is really nice, but I'd rather be working on a CLI as I can track script changes in version control (git) and so on and better handle output - any tips there?

Thanks!

0 Kudos
PhoneBoy
Admin
Admin
‎2018-12-02 06:05 PM

When a gateway boots, it tries to fetch last installed policy from management.

If the management is unreachable, it will use the policy last installed.

If no policy was installed or the license has expired, the device loads the "default filter" which denies almost all traffic (except basic management traffic).

So if you restored your Security Management Server from an old backup and rebooted one of your gateways, the fact it would restore an older policy--the one reflected in the backup--is expected behavior.

0 Kudos
_Val_
Admin
Admin
‎2018-12-03 12:00 AM

The described issues is not clear. 

1. I understand you have restored Security Management server. Which policy package was lost? One that was defined and committed before taking your backup?

2. When saying snapshot, do you mean VMware or Gaia snapshot?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events