AnsweredAssumed Answered

CheckPoint DR questions

Question asked by Gim Dor on Aug 6, 2018
Latest reply on Aug 7, 2018 by Valeri Loukine

Hello folks,

 

I am fairly new to CheckPoint and will be performing a DR test exercise. I have performed DR on Production in the past which was related to backup software a but need your suggestion on this DR test lab exercise where I will be performing to ensure everything goes well should a real disaster occur. This may be basic to you guys but I just need clarification so I do it the right way.

 

The scenario is that I will be in our IT Head Office with access to PC to connect to a remote site (I assume we will connect via RDP or VPN) where the DR is to be performed. The DR location to be tested is in a different site (another state than ours) and believe Firewall will be connected to a PC where I will remote into. I have been provided with an exercise list but that list only contains performing fresh installation from the Gaia R77.30 CD (which I understand will be helpful in case there isn't any image or need to boot off of the CD). It also contains tasks to perform First Run Configuration from the Gaia Web UI Wizard Setup, connecting to WebUI to add static routes (default route to external and setting static routes for internal). Furthermore, it has tasks to login to Smart Dashboard to install and configure policy, set Stealth and Cleanup Rules, inserting access rules for inside to internet and allow any. Last but not least, to push policy and verify internet access. This to me doesn't seem like a real disaster recovery. My understanding is that we should take a system, export, and show configuration backups, and use that to recover. Correct me if I am wrong.

 

1) If this is the case (which means I will take the backup of our Firewall and Management server located in our local office and restore to the remote site's network), then those policies won't work as they will have different IPs from the remote site's network IPs.
2) Since the remote location will have different IPs including DNS and routing information from the backup that is taken, how will this play out?
3) What IPs (IP for Gateway, Management, internal, external, including static) should I be using? I assume theirs.
3) I see one of the bulleted points for this DR test exercise is to build, configure, and test the internal and external firewalls.


Please advise and thank you for assistance here.

Outcomes