AleLovaz82
Contributor

MDS 81.10 from 5150 to 6000XL

Hi

I have a primary and secondary MDS, two 5150 with 5 CMA and 81.10 Take 152, and almost 11 TB of logs.
I have to move everything, logs included, to the new 6000XL.

My idea:

cpstop on smart1-primary
change IP on smart1-primary (to continue to reach it in SSH for copy script and so on)
launch an mds_backup

configure the 6000XL with the old IP of smart1-primary and the same hostname
restore with an mds_restore

In this way SIC and communications with all my firewalls should be granted without any mod.

I don't know how to manage the copy of the 11 TB of logs.
If I use the mds_backup with logs included, I probably don't have enough space to save the backup locally.

Is it possible to mount a folder from the 6000XL on the 5150 and save the backup directly on the 6000XL?

Or is it better to proceed with the mds_backup/restore excluding logs (-l flag, if I remember well) and then use SCP to copy the logs from the old location to the equivalent location on the new MDS?

so for example from the "old"
[Expert@MDS:0]# cd /var/log/mds_logs
[Expert@MDS:0]# ls
CMA1 CMA2 CMA3 ...
to the new equivalent folders.



0 Kudos
4 Replies
Amir_Senn
Employee

This won't work.

We have an entire SK on how to migrate the IP in MDS; this is not trivial.

Also, your DB won't be aligned with the IP - changing the IP doesn't change the IP that gateways try to fetch policy and send logs, it's the IP in SmartConsole and for every CMA it has another IP.

You can see all the important points in the following:

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Installation_and_Upgrade_Guide/Top...

As for logs,

a. You can exclude logs in mds_backup (see Capture.PNG)

b. If you have a lot of logs, I would try to configure retention that answers your needs - it might lower the amount of storage you use for logs. Also mind the indexing policy.

c. You can move the logs to the server after the installation. The issue - they would need to be re-indexed. Re-indexing that many logs may take time and resources. See this SK for indexing: https://support.checkpoint.com/results/sk/sk111766

d. I know that you can mount external storage, but I don't remember if I tried with another CP server. You might find this useful: https://support.checkpoint.com/results/sk/sk66003#Upgrade

 

Kind regards, Amir Senn
0 Kudos
AleLovaz82
Contributor

I will use the same IP as the old MDS.

0 Kudos
Amir_Senn
Employee

I edited my answer with more information after I finished a meeting. You're welcome to take a look.

Kind regards, Amir Senn
0 Kudos
AleLovaz82
Contributor

Also, your DB won't be aligned with the IP - changing the IP doesn't change the IP that gateways try to fetch policy and send logs, it's the IP in SmartConsole and for every CMA it has another IP.

To be clear, I won't change the IP.
I will use the same IP and hostname as the old primary MDS, so I should avoid all the problems related to changing IP/hostname.
I will change the IP of the OLD mgmt only for SSH access to move the logs.

b. If you have a lot of logs, I would try to configure retention that answers your needs - it might lower the amount of storage you use for logs. Also mind the indexing policy.

I can't; the retention is configured as the customer asked, and so is the indexing policy.

c. You can move the logs to the server after the installation. The issue - they would need to be re-indexed. Re-indexing that many logs may take time and resources.
The indexed logs are less than 11 TB; it is not a problem to manually reindex them. We index the last 15 days for each CMA, but the customer wants to store the old logs on this machine.

0 Kudos
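
One way to check the free-space concern and confirm the log copy discussed in this thread, as an added example that is not part of any post and is not Check Point tooling. It assumes GNU coreutils (`sha256sum`, `du`, `df`) on both servers and that no logs are being written while hashing; the CMA directory names follow the thread, while the file names, contents and function names are constructed.

```bash
#!/usr/bin/env bash
# Added example: pre-flight space check plus a SHA-256 manifest to confirm
# that per-CMA log files arrive unchanged on the new server.

# dir_size_kb <dir>: size of a directory tree in KiB.
dir_size_kb() { du -sk "$1" | awk '{print $1}'; }

# has_space <dest_dir> <needed_kb>: succeed only if the filesystem holding
# <dest_dir> has at least <needed_kb> KiB available.
has_space() {
    local avail
    avail=$(df -Pk "$1" | awk 'NR==2 {print $4}')
    [ "$avail" -ge "$2" ]
}

# build_manifest <log_root> <manifest>: hash every file under <log_root> with
# paths relative to it (./CMA1/...), so the list can be checked under another
# root. Keep <manifest> outside <log_root>.
build_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 ) > "$2"
}

# verify_manifest <log_root> <manifest>: non-zero exit if any listed file is
# missing or differs; only failing paths are printed.
verify_manifest() {
    ( cd "$1" && sha256sum --quiet -c - ) < "$2" 2>&1
}

# Demo on constructed data: CMA names follow the thread; file names and
# contents are made up, and cp stands in for the SCP transfer.
demo() {
    local work old new
    work=$(mktemp -d) || return 1
    old=$work/old/mds_logs
    new=$work/new/mds_logs
    mkdir -p "$old/CMA1" "$old/CMA2" "$new"
    echo "constructed log A" > "$old/CMA1/sample_a.log"
    echo "constructed log B" > "$old/CMA2/sample_b.log"
    has_space "$new" "$(dir_size_kb "$old")" || { echo "not enough space"; return 1; }
    build_manifest "$old" "$work/manifest.sha256"
    cp -a "$old/." "$new/"
    verify_manifest "$new" "$work/manifest.sha256" && echo "copy verified"
    rm -rf "$work"
}

demo
```

Building the manifest on the old server before the transfer and verifying it on the new one gives a per-file record that the archived logs were neither truncated nor altered in transit.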
