Test cases for new Check Point deployments 📕
Checks to be performed prior to migration
📌 Check of end users monitoring system (everything green?)
📌 Check of end users most import traffic connections (end user has to provide a check list)
📌 Run CPCheckMe security self-test
📌 Run Check Point Hardware Diagnostic Tool
📌 Run Gaia Healthcheck script (everything green?)
📌 Run ccc on all Check Point systems (no warnings?)
📌 Can the security policy be installed without any issues?
📌 Are there any error messages on the firewall or system logs?
📌 Are there any errors in the LOM service processor (everything green)?
📌 What is the ARP refresh time of the next-hop switches? Should be a low setting during the migration
📌 What was agreed in the kick-off protocol? Is everything prepared as discussed?
📌 Are the end users employees and C-level informed about the migration schedule and possible downtime?
📌 Do you have a fallback scenario planned?
📌 Are the end users VPN remote users informed to update the VPN client configuration and who to contact if something fails?
📌 Are all the PSKs and other VPN configuration details from the old firewall environment known?
📌 Are the end users VPN partners informed to be available in case the VPNs don't get up correctly and need to troubleshooted?
📌 Is the maintenance window for the planned migration long enough to be able to fix minor issue in case they occur? (you want a migration success and no second chance, right?)
📌 Are the licenses and contract in the Check Point UserCenter correctly assigned, documented and downloaded?
Checks to be performed after migration
✅ Check of end users monitoring system (everything green?)
✅ Check of end users most important traffic connections
✅ Run CPCheckMe security self-test
✅ Run Gaia Healthcheck script (everything green?)
✅ Run Check Point Hardware Diagnostic Tool
✅ Run ccc on all Check Point systems (no warnings?)
✅ Can the security policy be installed without any issues?
✅ Are there any error messages on the firewall or system logs?
✅ Are there any errors in the LOM service processor (everything green)?
✅ Can all Check Point systems properly communicate to Check Point services? (sk83520)
✅ Do all Check Point SmartConsole components work properly? (SmartView, Monitoring, Logs, Reports, Hit count etc.)
✅ Is everything properly documented? Even in the Gaia WebUI (Interfaces, Routes, ..)?
✅ Are the Check Point default passwords changed to secure ones? Was the end users password policy configured?
✅ Are there any default settings left that haven't been discussed yet with the end user?
✅ Are scheduled backups / migrate exports properly configured and performed?
✅ Did the end user receive a proper documentation / migration protocol?
✅ Did the end user confirm the migration success?