This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Andrew-OCD
Contributor
‎2023-08-09 08:48 AM

Migrating 1570R from Local to Central Management (Smart-1 Cloud)

Dear Checkmates,

I have a client with many 1570R appliances running version R81.10 (996000575) - device says "Firmware is up to date".

They have these devices configured to use Local Management but they have now opted to move to a Smart-1 Cloud (very good idea) for all of there management and so we need to find a way to move the policy from the local machine onto the Smart-1 cloud and then add the gateways to the Smart-1 cloud.

Does anybody have any experience doing such a process? Or any advice on where to find useful documents, hints, etc...?

Thanks

Andrew

0 Kudos
6 Replies
the_rock
Legend
Legend
‎2023-08-09 10:03 AM

Maybe better to open an official TAC case on it. Personally, and this is just my logical thinking, if they are all locally managed, there is no any mgmt server, so not sure if there is some sort of script or something that can used to import all of it to newly built smart-1 cloud.

Andy

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-08-09 04:44 PM

That firmware version/build was released 24 Nov 2022.

R81.10.05 (996001301) was released 25 April 2023 - see: sk179797

The current version is R81.10.07 ( 996001430 ) released 29 June 2023 - see: sk180628

CCSM R77/R80/ELITE
0 Kudos
G_W_Albrecht
Legend
Legend
‎2023-08-10 02:34 AM

Please look into the capabilities of vSMP quantum Spark  management : sk118035: Managing Firewall Access Policy from the Quantum Spark Portal and SMP R12.30 Administration Guide.

If you add the SMB to the management, local settings are kept - if you choose to not overwrite them with portal settings. You can do that in a granular way...

CCSE CCTE CCSM SMB Specialist
Andrew-OCD
Contributor
‎2023-10-21 06:09 AM
In response to G_W_Albrecht

Dear,

 

Much as I agree with you this is a nice solution it is not appropriate in this case due to the fact that they are consolidating all of their Check Point devices: Gaia on VM, SMB appliances and others all into the single management platform to ease the management of over 100 different sites.

For the moment we are looking for any suggestions on how we can get the existing config copied off the 1570 device and into the Smart-1 cloud without having to manually retype the whole policy.

We have been having some limited success building excel scripts but we were hoping somebody else in the community had a better suggestion from their experience.

Best regards

Andrew

0 Kudos
the_rock
Legend
Legend
‎2023-10-21 10:36 AM
In response to Andrew-OCD

Did you consult with TAC on this yet to get an official statement?

Andy

0 Kudos
G_W_Albrecht
Legend
Legend
‎2023-10-22 02:35 AM
In response to Andrew-OCD

Same as with central onsite SMS, you have to decide how the deployment should work - here, with 100 peers, it is better to configure a SmartLSM profile and Security Policy in SmartConsole, and manage the Quantum Spark Appliances in the SmartProvisioning GUI client.

 
CCSE CCTE CCSM SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events