This video elaborates on Check Point’s High Availability architecture in security management servers, in what sense it defers from previous versions and its benefits.
Tasty learning byte - for me, the duration, topics, depth of explanations, visual aids are quite adequate.
[Aha moment] So the send_command which was able (up to R80) to switch roles and to trigger sync is no longer working because it does not interacts with CPM which is handling delta syncs. In R80.x there is no other way than SmartConsole to trigger a full sync or role switch
However, it seems that FWM is still involved - e. g. interrupting an initial Full Sync (which left the secondary server inaccessible via SmartConsole/mgmt._cli, with the full sync in progress, try later message and the primary server unable to retry the Full Sync) left no traces in cpm.elg with cpm_debug.sh -t HA -s DEBUG (R80.10 w JHF T112) and only clearing the status in $FWDIR/conf/mgha allowed the Full Sync to be restarted - the outdated sk80060, Debugging Management HA synchronization, might still be useful.
Nicely done, and timely, too!
Someone was just asking about Management HA in a local CheckMates Live event I was running.
Nice, but would like to see and hear more about MDS HA specifics.
You asked, Yair Herling delivers: Lightboard Series: R80.10 High Availability in Multi Domain Environments
Going to watch it right now...
Retrieving data ...