Lost my only FW-1 Management/SmarCenter Server

[z-wall]

I had a meltdown of our only FW-1 Management/SmarCenter server in a datacenter disaster. I tried installing the SmarCenter software on a new box and tried connection to the firewall to no avail.

How can I go about getting a new Management/SmarCenter Server to talk to the firewall?

We are using NG with AI. Any help would be much appreciated.

[Joncon]

Assumming you have backups this should be achievable. What platform is NG running on?

[northlandboy]

This should be pretty simple....provided you have proper backups of your SmartCenter Server.

You would just need to install Check Point on your new system, restore from backup, et voila! It should all just work.

It sounds like you might have just installed Check Point without restoring anything from backup - in which case SIC will not be established. For that matter, the server won't have any records of the rulebases, objects, etc.

So which is it? Did you restore from backup? Using which method?

If you don't have a backup, there is nothing you can do. Leave the current firewall running untouched, and create entirely new objects and rulebases.

[z-wall]

This is the worst case scenario...I do not have any backups of the SmartCenter server what so ever.

CheckPoint NG with AI is running on a Nokia (IPSO). The SmartCenter server was running on Win2K.

nothlandboy...when you say "Leave the current firewall running untouched, and create entirely new objects and rulebases."...does this mean that a new SIC will be established and I just do a "Save As" and save the rulebase?

[Joncon]

z-wall,

you will have to re-create all objects on your 'new' management station and the rulebase. You will then have to reset SIC between management station and the firewall to enable them to talk to each other. Once you have initiated SIC push down your 're-created' policy onto the firewall.

[northlandboy]

Joncon is correct.

z-wall, it sounds to me like you're a little confused as to the role of the SmartCenter Server, and the enforcement module. Remember, all your rulebases and objects are stored on the Server. When you install policy, it compiles the necessary files, and installs it on the enforcement module. You can easily push the same policy to another firewall, but it doesn't work the other way round - you can't recreate all your rulebases from the module.

As Joncon says, setup a new management station. Configure all new rules and objects to match whatever you think you used to have. Create a new firewall object to represent the existing module. Reset SIC on the module, establish it from SmartDashboard, and push policy.

Until you have a new policy ready to push, don't touch the existing firewall. Take a backup of the Nokia box, including backing up the Check Point config. Once you reset SIC, it will go back to default policy, until you push the new one. If your new policy doesn't work like you expected, you can either fix it, or if it's too much to fix quickly, you can restore from that backup.

I hope you don't have a complex rulebase, because frankly, you're stuffed if you do.

Once you do get it working, GET A BACKUP PROCESS IN PLACE! This also goes for the module. Run regular backups there too, it's very easy with IPSO.

[z-wall]

I will give it a shot and put a backup process in place once everything is up and running.

joncon and northlandboy thanks for all your help...I really appreciate it!