Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
an_technical
Explorer

Migration from standalone to distributed setup

Hi Team,

I hope you are doing well. 

We have six gateway in our environment.

Four are connected to the management server, and two are running as standalone.

We are doing a hardware refresh and wanted to keep a single management server for the policy base for all gateway.

How can I move objects and policies from standalone to the new management server?

 

0 Kudos
3 Replies
CheckMatesAI

This answer is provided by Infinity AI Copilot and should be confirmed by reviewing official documentation in Support Center.

To migrate a policy from a standalone to a distributed setup in Check Point, you can follow these general steps:

  1. Backup and Preparation:

    • Back up your current management database on the standalone server.
    • Save a snapshot of your source standalone server to back up the entire configuration.
    • Collect the CPinfo file from your source standalone server for diagnostics.
  2. Setup New Environment:

    • Install a new secondary security management server using the same version, hotfix, and Jumbo Hotfix as the primary.
    • Configure the new security gateway in the same way as the gateway part on the old standalone security management.
  3. Policy and Traffic Management:

    • Install the same security policy that is used on the gateway part of the old standalone security management to the newly installed security gateway.
    • Move all traffic that was handled by the gateway part on the old standalone security management to the newly installed gateway and verify that the traffic and VPN access is working as expected.
  4. Finalize Migration:

    • Install the policy to all security gateways in the environment to make them aware of the new secondary management server object.
    • Disconnect and power off the old primary management server that is currently acting as management and gateway.
    • Promote the newly installed secondary management server to become primary.
  5. Verification:

    • Ensure that all gateways are sending logs to the new primary management server.
    • Verify that traffic and VPN access are working as expected.

For detailed instructions and considerations, you can refer to the Check Point Support Center for the specific SK article related to your version.

If you need further assistance or encounter any issues during the migration, feel free to ask!

0 Kudos
Tal_Paz-Fridman
Employee
Employee

Also look at https://support.checkpoint.com/results/sk/sk180923

How to migrate a policy package between Security Management servers

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events