This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Doeschi
Contributor
‎2018-04-18 02:24 AM
Jump to solution

R80.10 MDS on HP ProLiant Gen10

Hi all,

I've been odering new servers for our Check Point MDS to migrate to R80.10. Unfortunaly, I missed to check the HCL first and received HP ProLiant 380 Gen10 Servers. As you can imagine, the GAiA installation process fails when trying to access the disks, which is a RAID-1 of 2x 480 GB SSDs. Has anyone managed to install GAiA on such a platform?

UEFI Boot is disabled, Hyperthreading is disabled, x2APIC is disabled and USB 3.0 you can't disable, but start the installation with the 'nousb' kernel option.

Regards

Roger

1 Solution

Accepted Solutions
Doeschi
Contributor
‎2018-11-29 09:54 AM
Jump to solution

We've been upgrading to R80.20 last week on our production MDS which now (finally) runs natively on a HP ProLiant DL380 Gen10 Server. And everything with SSD RAIDs, those servers are monsters, performance-wise. MDSs and MLMs were never that fast before.

View solution in original post

10 Replies
Danny
Champion Champion
Champion
‎2018-04-18 03:53 AM
Jump to solution

You don't really want to run a critical IT-security component in your infrastructure, like your new Multi-Domain Security Management (MDSM), without vendor support, don't you? So forget to try installing GAiA directly on your new HP servers which causes a loss of Check Point support. Install VMware ESXi 6.5 instead and run MDSM as a VM host, which is supported via Check Point's HCL.

Doeschi
Contributor
‎2018-04-20 07:12 AM
In response to Danny
Jump to solution

Hi Danny,

I've actually been doing that in the last 3 days and managed to get it running with all the fiddling about larger disk partitions. Check Point really should improve the installation routine to support better hardware (HP Gen10 Servers with UEFI Boot as well as USB 3.0+ and HD Partitions bigger than 2TB)

Thanks & regards

Roger

0 Kudos
Danny
Champion Champion
Champion
‎2018-04-20 07:26 AM
In response to Doeschi
Jump to solution

Check Point is actually doing this as you can read here. The new Linux kernel has a lot of newer drivers already linked in thus allowing for newer servers to be supported soon.

0 Kudos
Doeschi
Contributor
‎2018-04-20 07:57 AM
In response to Danny
Jump to solution

Must have missed that, thanks for the info.

0 Kudos
Vladimir
Champion
Champion
‎2018-04-18 07:53 AM
Jump to solution

I agree with Danny.

There are another issues you are looking at: lack of support for SSDs and hyperthreading in current iteration of Gaia.

Taking ESXi route will allow you to not only create a supported abstraction layer, but will make your MDS portable and give you an opportunity to use VMware snapshots.

Marcos_Garcia
Participant
‎2018-04-18 08:33 AM
Jump to solution

I had the same issue with a customer that bought these appliances (gen9) for install a new r80.10 management server. Finally I had to pass the bios to legacy mode, this disabled the raid driver property of hp, and enable of "sata ahci support", after that install the gaia iso using the 2 hard drives without raid.

These sk were useful for me:

sk87704,sk108200

I hope this helps..

Vladimir
Champion
Champion
‎2018-04-18 09:42 AM
In response to Marcos_Garcia
Jump to solution

I am not sure if this is a good option. You are chancing CP's ire on HCL issue, losing RAID on business critical system and, if your drives are SSDs, bound to encounter performance deterioration.

Sandwiching the ESXi between unsupported hardware and Gaia solving these issues with the benefits described above.

0 Kudos
Marcos_Garcia
Participant
‎2018-04-20 01:42 PM
In response to Vladimir
Jump to solution

This hardware was a customer choice, not mine  

0 Kudos
Doeschi
Contributor
‎2018-04-20 07:14 AM
In response to Marcos_Garcia
Jump to solution

I have a pair of MLMs running on G9 Servers and 2 different RAID setups without problem. But unfortunately the Gen10 Servers changed a lot...

0 Kudos
Doeschi
Contributor
‎2018-11-29 09:54 AM
Jump to solution

We've been upgrading to R80.20 last week on our production MDS which now (finally) runs natively on a HP ProLiant DL380 Gen10 Server. And everything with SSD RAIDs, those servers are monsters, performance-wise. MDSs and MLMs were never that fast before.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top