CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 7 of 7

Thread: Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

  1. #1
    Join Date
    2011-10-24
    Posts
    8
    Rep Power
    0

    Default Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

    Hello

    I am not that expert of Checkpoint but i managed since some years a checkpoint VPN-1 Edge device working as a central firewall for my office main office with 10 remote branches .

    Now we got 2 new chgeckpoint 440 devices and I wonder if there are some migration steps from the old checkpoint VPN-1 Edge to this new deivce running GAIA R76.

    Thanks for the clues and help

  2. #2
    Join Date
    2007-06-04
    Posts
    3,313
    Rep Power
    17

    Default Re: Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

    Is the Edge Locally Managed or Centrally Managed via a SmartCenter.

    If Locally managed then no migration process available.

    If Centrally Managed then would simply need to create the objects for the 4400 and replace the Edge Objects with the 4400 Cluster in the Policy and Communities.

    I would also suggest that you take the time before installation to upgrade the 4400's to R77.10.

  3. #3
    Join Date
    2011-10-24
    Posts
    8
    Rep Power
    0

    Default Re: Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

    Hello

    Thanks for your answer and clues given.

    But in my case the old VPN-1 Edge box is not managed with smartcenter.

    We just use it alone from web browser interface..

    Can i now implement smartcenter to get it managed and then upgrade as you said? (what would be the prerequisites for doing this) please..?

  4. #4
    Join Date
    2007-06-04
    Posts
    3,313
    Rep Power
    17

    Default Re: Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

    There isn't a migration tool for a Locally Managed Edge Device ( that I am aware of )

    As such you would have to manualy create the policy in the SmartCenter in the first place to manage the Edge. At that point may just as well create the Policy with the 4400's.

    Also please note that the SmartCenter is a seperate license, the 4400's will come with a Management License that covers using SmartCenter on the Appliance, it doesn't cover you installing SmartCenter on a seperate Box.

    As such your Migration will be to simply start with a clean installation and enter the policy etc that you need as if this was a greenfield site.

  5. #5
    Join Date
    2011-10-24
    Posts
    8
    Rep Power
    0

    Default Re: Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

    Ok


    Thanks for all the help.

    so in fact i just have to well document the current box rules, network objects, security rules; routes, and other settings.
    Then reconfigure all those on the new box checkpoint 4400 .

    ok

    Thanks

  6. #6
    Join Date
    2011-10-24
    Posts
    8
    Rep Power
    0

    Default Re: Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

    Wow...doing it... But that's a whole new story...

    Nothing to compare between vpn-1 edge box and the 4400 box running gaia...

  7. #7
    Join Date
    2007-06-04
    Posts
    3,313
    Rep Power
    17

    Default Re: Migrate from Checkpoint VPN -1 Edge to Checkpint 4400 Box

    Yep Edge Boxes are nothing like the regular boxes. Some parts will look familar in terms of structure of the rule but that is about it.

    You will also find however that the troubleshooting capability of the regular Gaia installation is much more powerful as standard.

Similar Threads

  1. UTM EDGE NW Out of the Box
    By micsireland in forum Installing And Upgrading
    Replies: 1
    Last Post: 2012-03-22, 10:06
  2. How to migrate SmartCenter R60 (IPSO) box to R71 Smart-1 appliance (SPLAT)
    By odyssey7027 in forum Installing And Upgrading
    Replies: 3
    Last Post: 2011-04-07, 09:49
  3. Installing R60 Evaluation version to replace VPN 1 Edge Box
    By gangadhardn in forum Installing And Upgrading
    Replies: 3
    Last Post: 2008-07-24, 07:35
  4. Dynamic ip on vpn edge box
    By ngxadmin in forum Check Point UTM-1 Edge Appliances
    Replies: 6
    Last Post: 2008-07-16, 17:29
  5. VPN between Checkpint NGX and Securepoint Firewall (Linux) not working
    By helgeharder in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 0
    Last Post: 2007-03-01, 06:26

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •