- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- DB Revision in R80.10
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
DB Revision in R80.10
Hi,
Possibly a newbie question, but I'm trying to see how I can revert deleted objects in R80.10? In R77 if I took a DB Revision, then deleted a stack of objects, I could revert the revision and get the objects back. I can't see how that's done in R80.10, and sk113615 suggests it's not possible. Is this true, or am I missing something? I want to delete over 200 objects which I don't *think* are required any more, but it'd be comforting to know I can get them back easily if needed.
Thanks,
Matt
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is a very useful recent guide on revisions in R80.10 on CheckMates already:
R80+ Change Control: A Visual Guide
With a search you can find other helpful threads:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is a very useful recent guide on revisions in R80.10 on CheckMates already:
R80+ Change Control: A Visual Guide
With a search you can find other helpful threads:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
What I would suggest is either:
1. Use the detailed audit logs to recreate objects. See What are the features inside SmartConsole which contain integrated audit logs?
2. Use API tools like Python tool for exporting specific types of objects from the management server to recreate objects from a past revision in the current revision.
Generally the approach with R80 Security Management and above is, if you had a misconfiguration which failed connectivity after a policy installation, you can revert the installed policy on the Gateway while keeping the Security Management data up-to-date, allowing you to take the time and find the individual root cause while the organization lives with the last known good configuration. For more on this, see How to revert a Policy or discard changes?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It looks like Check Point removed the ability to take manual database revisions, I prefer to take my revisions BEFORE modifying objects, policies, etc rather than after. I've never understood the point of taking a database revision right before installing policy rather than before doing the work where you have a known successful policy that can then be pushed back to the gateways if needed.
***If there's a way of manually taking one in R80.x and I just don't know about it then I apologize.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Quite the contrary. R80 security management architecture takes automatic revisions upon every publish operation. The revisions are negligible in size and only contain the delta diff. Installing the last known good configuration on a gateway is available at the Installation History page and utilizes the automatic revisions. Please check the R80.10 security management architecture thread and let us know your comments of the new approach (in that thread).
