This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
the_rock
MVP Platinum
MVP Platinum
‎2024-01-24 10:40 AM
Jump to solution

Migrating Azure fw rules to Smart-1 cloud mgmt server

Hey guys,

I hope someone would be able to clarify this for me. I found below link:

New -Easy Migration from Azure Firewall to Check P... - Check Point CheckMates

But, Im wondering, how easy is it to follow the process to say export current Azure rules and import them into brand new S1C instance? Does the link need to be followed to import stuff first into onprem server and then script from S1C portal to migrate the config OR can this be done directly into the cloud?

If there is easier way, happy to hear any suggestions.

Thanks as always for the help.

Best,

Andy

Best,
Andy
0 Kudos
2 Solutions

Accepted Solutions
Shay_Levin
Admin
Admin
‎2024-01-25 08:59 PM
In response to the_rock
Jump to solution

In case that your management is Smart-1 cloud, you have two options: 

1. Open a ticket to TAC, provide them with the two files created during the export process, and ask them to run the import process.

2. Connect with the management APIs in Smart-1 Cloud, explained here

     Extract all the CSV files from the TAR file.

     And import each CSV file with mgmt_cli

    

mgmt_cli add host --batch collectiongroup2-hosts-migrate.csv

mgmt_cli add network --batch collectiongroup2-subnets-migrate.csv

mgmt_cli add address-range --batch collectiongroup2-ipranges-migrate.csv

mgmt_cli add dns-domain --batch collectiongroup2-fqdn-migrate.csv

mgmt_cli add group --batch collectiongroup2-ipgroups-migrate.csv

mgmt_cli add access-layer --batch collectiongroup2-layernames-migrate.csv

mgmt_cli set host --batch collectiongroup2-hosts-with-groups-migrate.csv

mgmt_cli set network --batch collectiongroup2-subnets-with-groups-migrate.csv

mgmt_cli set address-range --batch collectiongroup2-ipranges-with-groups-migrate.csv

mgmt_cli add access-rule --batch collectiongroup2-transformed.csv

View solution in original post

(1)
Tomer_Noy
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2024-01-27 03:36 AM
In response to the_rock
Jump to solution

Yes, if you prefer that option, it should work as well.

View solution in original post

5 Replies
the_rock
MVP Platinum
MVP Platinum
‎2024-01-25 02:40 PM
Jump to solution

@Shay_Levin ...since you wrote the first link, maybe you have an idea?

Best,

Andy

Best,
Andy
0 Kudos
Shay_Levin
Admin
Admin
‎2024-01-25 08:59 PM
In response to the_rock
Jump to solution

In case that your management is Smart-1 cloud, you have two options: 

1. Open a ticket to TAC, provide them with the two files created during the export process, and ask them to run the import process.

2. Connect with the management APIs in Smart-1 Cloud, explained here

     Extract all the CSV files from the TAR file.

     And import each CSV file with mgmt_cli

    

mgmt_cli add host --batch collectiongroup2-hosts-migrate.csv

mgmt_cli add network --batch collectiongroup2-subnets-migrate.csv

mgmt_cli add address-range --batch collectiongroup2-ipranges-migrate.csv

mgmt_cli add dns-domain --batch collectiongroup2-fqdn-migrate.csv

mgmt_cli add group --batch collectiongroup2-ipgroups-migrate.csv

mgmt_cli add access-layer --batch collectiongroup2-layernames-migrate.csv

mgmt_cli set host --batch collectiongroup2-hosts-with-groups-migrate.csv

mgmt_cli set network --batch collectiongroup2-subnets-with-groups-migrate.csv

mgmt_cli set address-range --batch collectiongroup2-ipranges-with-groups-migrate.csv

mgmt_cli add access-rule --batch collectiongroup2-transformed.csv

(1)
the_rock
MVP Platinum
MVP Platinum
‎2024-01-26 06:15 AM
In response to Shay_Levin
Jump to solution

Thanks for that. Question...can I do say what I described in my post, for example, import things into regular lab onprem mgmt and then use script from S1C to import it there? Would that work?

Best,

Andy

Best,
Andy
0 Kudos
Tomer_Noy
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2024-01-27 03:36 AM
In response to the_rock
Jump to solution

Yes, if you prefer that option, it should work as well.

the_rock
MVP Platinum
MVP Platinum
‎2024-01-27 05:13 AM
In response to Tomer_Noy
Jump to solution

Thanks Tomer, appreciate that. Lets us see how these guys would like to proceed, though Im sure they would not care as long as we can make it work.

Thanks mate.

Best,

Andy

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events