cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

DB Revision in R80.10

Jump to solution

Hi,

Possibly a newbie question, but I'm trying to see how I can revert deleted objects in R80.10?  In R77 if I took a DB Revision, then deleted a stack of objects, I could revert the revision and get the objects back.  I can't see how that's done in R80.10, and sk113615 suggests it's not possible.  Is this true, or am I missing something?  I want to delete over 200 objects which I don't *think* are required any more, but it'd be comforting to know I can get them back easily if needed.

Thanks,

Matt

0 Kudos
1 Solution

Accepted Solutions

Re: DB Revision in R80.10

Jump to solution

There is a very useful recent guide on revisions in R80.10 on CheckMates already:

R80+ Change Control: A Visual Guide

With a search you can find other helpful threads:

R80.10 Policy Revision 

Revisions Management in R80.x 

4 Replies

Re: DB Revision in R80.10

Jump to solution

There is a very useful recent guide on revisions in R80.10 on CheckMates already:

R80+ Change Control: A Visual Guide

With a search you can find other helpful threads:

R80.10 Policy Revision 

Revisions Management in R80.x 

Re: DB Revision in R80.10

Jump to solution

Hi,

What I would suggest is either:

1. Use the detailed audit logs to recreate objects. See What are the features inside SmartConsole which contain integrated audit logs?  

2. Use API tools like Python tool for exporting specific types of objects from the management server  to recreate objects from a past revision in the current revision.

Generally the approach with R80 Security Management and above is, if you had a misconfiguration which failed connectivity after a policy installation, you can revert the installed policy on the Gateway while keeping the Security Management data up-to-date, allowing you to take the time and find the individual root cause while the organization lives with the last known good configuration. For more on this, see How to revert a Policy or discard changes? 

Re: DB Revision in R80.10

Jump to solution

It looks like Check Point removed the ability to take manual database revisions, I prefer to take my revisions BEFORE modifying objects, policies, etc rather than after. I've never understood the point of taking a database revision right before installing policy rather than before doing the work where you have a known successful policy that can then be pushed back to the gateways if needed.

***If there's a way of manually taking one in R80.x and I just don't know about it then I apologize.

0 Kudos

Re: DB Revision in R80.10

Jump to solution

Quite the contrary. R80 security management architecture takes automatic revisions upon every publish operation. The revisions are negligible in size and only contain the delta diff. Installing the last known good configuration on a gateway is available at the Installation History page and utilizes the automatic revisions.  Please check the R80.10 security management architecture thread and let us know your comments of the new approach (in that thread).