Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Migrating policies to new server 1

Status
Not open for further replies.

misjay01

Technical User
Jun 17, 2003
50
GB
We are in the process of migrating out our old NG AI checkpoint management servers and replacing them with new compaq DL380's.

Does any one know what the processes and procedures are for migrating the policies and logs over to the new server ?

Any help appreciated
 
dbexport off the old boxes and then just dbimport to the new ones.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Hi Chris,

1) Does this require stopping any services ?

2) Can I keep a copy of the license on both servers in case I need to rollback ?

3) Any major changes required on the Nokia's ?

4) Also I guess we need to re-enter new SIC password for all enforcement modules ?

Thanks,



 
1) Does this require stopping any services ?

Just run the dbexport script on the management server and it will create an output file to be imported onto the new firewall. If it does stop the firewall service on the management server (which I can't rememember at the moment) then it will not affect the gateways at all.

2) Can I keep a copy of the license on both servers in case I need to rollback ?

You sure can.

3) Any major changes required on the Nokia's ?

Nope!

4) Also I guess we need to re-enter new SIC password for all enforcement modules ?

Yes, you will have to reset SIC and then push the security policy to the gateways.

Chris.



**********************
Chris A.C, CCNA, CCSA
**********************
 
Hi Chris,

Are there any bug issues using these commands ?

I was trying to do a lookup on the knowledgebase checkpoint's site and was not able to get any further due to limited permissions, but there were issues listed with these commands :-

11-Oct-2004 NG
3. fwm crashes after running fwm dbexport or fwm dbimport commands

Do you know if there are any bugs and which patches are needed to resolve this ?

Sorry for endless questions!

 
Well, I've never experienced any of those issues. We normally run a dbexport on our management servers every night via a cron job that then copies the output file off the server via FTP. Never had a problem on NG AI R55.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Chris,

Ok will see what happens.

Many thanks for your help on this !
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top