- Products
- Learn
- Local User Groups
- Partners
-
More
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
IDC Spotlight -
Uplevel The SOC
Important! R80 and R80.10
End Of Support around the corner (May 2021)
What's the best way to do this? We need the replacement to be on the like version. Is there a flag/switch to do a full backup with OS/hotfixes/etc so the restore give a like-same/duplicate device swap out?
RMA (new device) = Production (old device)
Best Practices - Backup on Gaia OS suggests you might want to do a snapshot:
The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be saved.
Best Practices - Backup on Gaia OS suggests you might want to do a snapshot:
The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be saved.
I am not sure a snapshot will not get you into problems later. We have a bunch of 3200's that are in a heap of trouble by following this procedure.
They work after the swap. But now that we have to roll out a Jumbo Hotfix we find all these units are now broken.
So use caution if you go that route.
sk98068 has a note in it as follows:
Note: If on the original machine a network configuration was performed in Gaia Portal (e.g., changing an IP address of an interface), then the MAC addresses of the original machine will be saved as well. MAC addresses will be exported and then imported and deployed on another machine.
Is this saying that if reverting a snapshot on a different machine (such as in an RMA), that the MAC addresses of the old machine will move to the new machine? That sounds like it could cause some problems. What is recommended here?
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY