PDA

View Full Version : EPS and EMS Split and Migration



breakpoint
2017-06-22, 16:41
We are currently running our EPS and EMS on an R77.30 open server and would like to migrate the EMS to another existing R80.10 management server and move the EPS to another new R80.10 open server (in the DMZ). The existing R80.10 management server is managing our gateways so my understanding is that I can't due a straight migrate export/import because it will overwrite the existing configuration. I read somewhere in Checkpoint's documentation about a process to "merge" two management servers, would that be appropriate in this scenario and if so, how does it work? And what would be the best way to migrate to the separate R80.10 EPS? Just looking for some general steps and order of operations, including the action that needs to be taken on the Endpoint clients/policies to facilitate a smooth transition. Thank you!

breakpoint
2017-06-29, 10:59
We are currently running our EPS and EMS on an R77.30 open server and would like to migrate the EMS to another existing R80.10 management server and move the EPS to another new R80.10 open server (in the DMZ). The existing R80.10 management server is managing our gateways so my understanding is that I can't due a straight migrate export/import because it will overwrite the existing configuration. I read somewhere in Checkpoint's documentation about a process to "merge" two management servers, would that be appropriate in this scenario and if so, how does it work? And what would be the best way to migrate to the separate R80.10 EPS? Just looking for some general steps and order of operations, including the action that needs to be taken on the Endpoint clients/policies to facilitate a smooth transition. Thank you!

I've been informed by Checkpoint support that Endpoint won't be supported on R80 until R80.20 next year, so this is a null question until then.

PhoneBoy
2017-06-29, 13:47
It's not really a null question as you can still run them on separate systems (even though the latest endpoint management is based on R77.30).
Your best bet to split an existing network + endpoint manager into separate network and endpoint managers is to engage with Check Point Professional Services.