Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vladimir
Champion
Champion

Current state of MDS R80.10 and should we wait for R80.20?

I could not help but notice number of issues brought-up in this forum regarding MDS R80.10:

1. Problems with backups MDS backup fails on R80.10 Solutions for backup/restoring individual MDS Domains.

2. Problems with revisions Revisions Management in R80.x 

3. Problems with MLS MDS Logging 

4. Problems (or unreasonable behavior by design), in MDSE: SmartEvent in mixed multi domain environment 

5. Problems with DMS monitoring indicators validity and state manipulation: Domain Server Status in Smartconsole 

6. Problem with Using More than one Interface on a Multi-Domain Server

One of my large clients is looking to migrate their R77.20 MDS to R80.10 and I am a bit concerned that the process and the results will be less then optimal.

I would like to get feedback from those who have already taken the plunge to make an informed decision.

Thank you,

Vladimir

0 Kudos
9 Replies
Eran_Habad
Employee
Employee

Hi Vladimir Yakovlev‌,

My name is Eran and I'm a manager in the R&D of Check Point.

I would like to thank you for sharing your concerns in the community regarding R80.10.

I can guarantee you that R&D is working hard to make sure R80.10 will not provide our customers results which are less than optimal. We see more and more happy customers upgrading from R77.X to R80.10 in order to enjoy many new and useful features. 

Yet, as expected in such a major release some customers encounter issues and approach our Support. R&D is deeply involved in analyzing issues from the field and we make sure to proactively find and fix such issues to include them in latest Jumbo.

If you would like to share specific concerns so we could be able to address them, feel free to approach me directly.

Thanks,

Eran 

0 Kudos
Vladimir
Champion
Champion

Eran,

Thank you for your reply and the offer to get in touch with you directly.

I may just do so if my client decides to proceed with R80.10.

I have no doubt about advantages the new release offers and in smaller deployments, do not hesitate to recommend it.

But as a consultant charged with producing SoWs, it is hard for me to accurately gauge the time required for successful upgrade if there is a chance that R&D will be involved.

Internally, for organizations with ample resources and no time limit imposed on consultant engagements, it is still a better proposition to go with R80.10.

Regards,

Vladimir

0 Kudos
Kaspars_Zibarts
Employee Employee
Employee

Hi, we have been running it from March starting with R80 and despite couple of problems that we had (i.e. backups - now all resolved, revisions was not too big concern for us and easy to maintain, MLS? if you meant log server then the only issue was inability to upgrade MLM from R80 to R80.10, fresh install only option) I would strongly recommend upgrading to R80.10. For us it was a lifesaver in many aspects - ability to upgrade VSX boxes to 64bit kernel on VS unlocking memory limitations of 32bit kernel, concurrent administrator option, GUI experience in general is much better.

Some small things to keep in mind:

MDS restore time is considerably longer (for us it went from ~half an hour on R77.30 to well over 1hr in R80.10). Depends on your disaster recovery requirements.

Far away administrator experience can be very flaky - we have administrators sitting other side of the world from MDS with 180ms latency between client and server and they are unable to use SmartDashboard. It's too slow. The only solution is to get local terminal server for them.

Log search seem to slow down over time and we need to reboot MLM from time to time to get it going again. Haven't had time to dig into it and/or raise an SR, but seems some memory leak..

Good luck!

Kaspars

Vladimir
Champion
Champion

Kaspars,

Thank you for detailed reply.

I'll keep your notes for references during my assessments of clients' particular situations and will bring your experiences to their attention.

0 Kudos
Vladimir
Champion
Champion

Kaspars, when you are writing that the problems with backups are all now resolved, are you implying that we can now backup and restore individual DMS'? How about object databases, are you able to recover previous object configurations without tracing changes and reverting manually?

0 Kudos
Kaspars_Zibarts
Employee Employee
Employee

Sorry Vlad - been away on holiday for nearly 5 weeks.. no work and no computer yay! Just having beer and wine instead Smiley Happy All I meant to say that there were some wrong profiles/schemas selected when trying to create MDS backup that resulted in failure. I think it was relevant only to those who went with R80 first and then upgraded to R80.10. This is just a full MDS backup backup/restore. Nothing tricky

0 Kudos
Vladimir
Champion
Champion

Welcome back and I am green with envy (just kidding Smiley Happy), high time for me to take a month off. May brave it by going to Russia for friend's birthday.

On the subject though: can you tell me if we are still limited to a full MDS backup and restore and do not have a capability of performing those actions on a DMS (CMA) level? I recall that being an issue that I had trouble with.

Also, the versioning of the policy and objects: are those now combined, or are we still retaining the latest objects' properties irrespective of the version of the policy we are rolling back to?

Thank you.

0 Kudos
Kaspars_Zibarts
Employee Employee
Employee

In all honesty we never used version rollback. Just full MDS. So I can't really answer your questions Smiley Happy still recovering from holiday hangover haha

0 Kudos
Vladimir
Champion
Champion

Thing to add regarding R80.10:

"There is a known problem, discovered in the last few months, with LVM_Manager and R80.10 where it doesn't stop all the needed processes before expanding the disk.  I believe the SK about this is internal only.  I've been told the only solution is to get a DB and OS backup and rebuild the guest." from https://community.checkpoint.com/thread/6439-report-server-wont-boot-cant-get-into-maintenance-mode 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events