Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
carl_t
Contributor

Best way to replace a firewall with a new model ?

Hi Guys

I am in process of swapping out my gateways with new models.

What is the correct way of doing this? 

Is it by creating new objects and a new policy, building it side by side via the management port, or would you use the existing object and modify it?

Cheers

4 Replies
the_rock
Legend
Legend

That can really be up for debate...I used old object before, modified it and it worked. Is it best method? Probably not, but it works. Personally, I prefer deleting existing object and simply creating new one, start from scratch and then you can just replace it in place of an old object. I actually did that for a customer on the weekend and worked perfect.

As far as policy, I would not touch it, as long as you plan to use same one, which I assume you would.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Your opening words and mine are very similar - a GW cluster of high-end units replaced by even more high-end units is better constructed from scratch for less errors, i would assume.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
the_rock
Legend
Legend

Thats also my experience with the process.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

As always - that depends ! Usually, you just replace the hardware, do FTW and GAiA config, edit the GW object to contain the correct appliance model and port config, re-establish SIC and install policy.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events