This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
surajshinde
Contributor
‎2021-07-12 02:08 AM

New Check Point Manager implementation.

Dear Team,

We have purchased new VM based check point Manager to achieve CP management  server redundancy . Currently we have one CP Manager in production at one location (Mumbai City , in Maharashtra State) whereas we want to place or new CP Manager in another location(Chennai City, TamilNadu State).

How we can achieve this?

Current CP Manager manages around 20 GWs and connect with it ILL.

Please suggest best.

0 Kudos
11 Replies
Ruan_Kotze
MVP Gold
MVP Gold
‎2021-07-12 03:33 AM

The management HA documentation would be a good starting point.

This video also gives a nice overview.

 

0 Kudos
surajshinde
Contributor
‎2021-07-12 04:09 AM
In response to Ruan_Kotze

Thank you Ruan_Kotze,

Both CP Managers are different location and different subnet. 

0 Kudos
_Val_
Admin
Admin
‎2021-07-12 04:15 AM
In response to surajshinde

It does not matter. Make sure the connectivity between them works, follow the documentation above.

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2021-07-12 05:07 AM
In response to _Val_

I would also add, ensure there is enough bandwidth and the latency not high.

0 Kudos
_Val_
Admin
Admin
‎2021-07-12 05:15 AM
In response to genisis__

Not critical, but nice to have.

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2021-07-12 05:21 AM
In response to _Val_

Agreed.

surajshinde
Contributor
‎2021-07-22 09:07 PM
In response to Ruan_Kotze

Thank you All. It works fine. 

But one challenge i am facing, We have test failover and when primary Check Point Manager down in that case we need to manual Active secondary Check Point manager then it act with read/write permission. 

Once primary came UP in that case both act as Active-Active. Is there any way to do this automatic. 

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2021-07-24 03:24 AM
In response to surajshinde

I think what you talking about is when you get a collision message, in this case you have to do a full sync manually  ie. from Secondary to Primary (assuming the secondary was made active, and you have actually made changes).

 

0 Kudos
surajshinde
Contributor
‎2021-07-26 03:50 AM
In response to genisis__

Is there any way to achieve  automatic switch the mode Active to standby and Standby to Active between both Manager.

0 Kudos
PhoneBoy
Admin
Admin
‎2021-07-26 10:31 AM
In response to surajshinde

By design, failover for Management HA is designed to be a manual process.
It's not like ClusterXL where failover happens automatically.

0 Kudos
PhoneBoy
Admin
Admin
‎2021-07-12 08:57 AM

Worth noting a couple things: Management HA requires a second management license and  Management HA is no substitute for proper backups.
Provided you’ve taken appropriate backups, you can rebuild your management server if necessary.

See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
And: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events