We are finally replacing our FW cluster with old UTM appliances for 5600 appliances. I would like to keep the same names in the policy, but since the interface names change I would like to know what the best way is to migrate to the new appliances with minimal outage.
I was about to failover to HA -
- move cables from the Primary appliance to the new 5600 Primary appliance,
- migrate export of the policy. Then remove all references of the existing cluster from the policy and delete the whole cluster from the management server.
- create a new cluster with initially 1 member (the new primary 5600) establish SIC and configure cluster with all new interfaces - Add cluster to the rules where the old cluster was removed
- Remove cables from Old HA Firewall,while installing the policy to the new Primary
- connect new 5600 HA and add to the cluster (and install policy)
Any other (or better) recommendations for a smooth migration to the new hardware?
Or can I just delete 1 cluster member and add the new hardware with different interface names to the cluster object?