CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 2 of 2

Thread: HW/SW Compatibility between cluster members

  1. #1
    Join Date
    2008-08-06
    Posts
    7
    Rep Power
    0

    Default HW/SW Compatibility between cluster members

    I am looking for some implementation guides and best practices for upgrading a Checkpoint firewall as follows:

    Current Platform:

    Standalone SPLAT Appliance - VPN-1(TM) & FireWall-1(R) R70.30 - Build 008
    U-40 UTM-1 3070, Product Name: U-40-00

    Upgrading to:
    Clustered GAIA Appliances - VPN-1(TM) & FireWall-1(R) R75.40 - Build 275
    T-120 Check Point 4200, Product Name: T-120-00

    Our goal is to develop an implementation plan whereby we can minimize downtime as much as possible. A cutover scenario where the new cluster is staged and we simply perform hot cut would cause all connections to drop. Instead, we are looking at creating a 3 member cluster with the disparate hw/sw versions, then perform a non-impactful failover to the new cluster members. Any solution guides for this type of upgrade plan would be very beneficial.

    Is there some kind of compatibility matrix that explains the hw/sw requirements for this process ?

  2. #2
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,654
    Rep Power
    10

    Default Re: HW/SW Compatibility between cluster members

    I don't think that is going to work because clusterxl keeps track of hardware information and i know for sure memory size as we upgraded some ram on a open server and it put the firewall into ready state. Not only that, but i not sure you can even sync the connctions table from 71 to 75. Look for the install_and_upgrade_guide for R75 if you want all the upgrade options.

    BTW, you know that your new box is slower then your old box right? It might have more memory, but CPU wise check this out.


    Go here
    http://blog.lachmann.org/

    then here
    http://cpuboss.com/cpus/Intel-Core2-...tel-Atom-D2550

    Granted, you'll have 4 gig of ram, but if you aren't running low on ram on your old box your not buying anything.

Similar Threads

  1. Replies: 0
    Last Post: 2012-07-18, 15:12
  2. VSX Cluster HW
    By manrag in forum VPN-1 VSX
    Replies: 3
    Last Post: 2011-06-16, 16:05
  3. ClusterXL Advance Upgrade (SW & HW)
    By anthonws in forum Installing And Upgrading
    Replies: 7
    Last Post: 2008-08-07, 11:18
  4. HA Cluster problem - cluster members can't be active at same time
    By jdickson in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2008-04-30, 11:17
  5. Disjoining cluster members
    By lenrenee in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2007-09-13, 03:39

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •