Migration from a Distributed Environment to an UTM1 Cluster - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

Migration from a Distributed Environment to an UTM1 Cluster

Description:

Distributed environment with 3 Open Servers. 2 Gateways as ... Enter SIC secret. make first appliance primary cluster member. this is where the magic happens! ... – PowerPoint PPT presentation

Number of Views:126
Avg rating:3.0/5.0
Slides: 14
Provided by: tobiasl2
Category:

less

Transcript and Presenter's Notes

Title: Migration from a Distributed Environment to an UTM1 Cluster


1
Migration from a Distributed Environmentto an
UTM-1 Cluster
Tobias Lachmann
2
Agenda
  • Scenario
  • Motivation / Benefits
  • Starting Basis
  • Target Environment
  • Preparation
  • Migration

3
Scenario
  • Distributed environment with 3 Open Servers
  • 2 Gateways as HA Cluster
  • 1 SmartCenter
  • Used Licenses
  • Check Point UTM - Mgmt and Gateway Bundle for 5
    Sites Unlimited Users for 2 cores
    (CPUTM-CKP-5-U2)
  • Secondary Check Point VPN-1 UTM for unlimited
    Users for 2 cores (CPUTM-VUG-HA-U2)

4
Motivation / Benefits
  • get license for unlimited IP addresses
  • get Management High Availability for free
    (introduced in NGX R65 w/ Messaging Security)
  • reduce complexity (2 vs. 3 servers)
  • save power and cooling

5
Motivation / Benefits
  • Cut costs
  • Buy 3 new server with support contract ? 10.500
  • Pay for Collaborative Enterprise Support ?
    14.526
  • Buy Multi-Core license?
  • Total of 25.026
  • Buy 2 new UTM-1 570 appliances with CES
  • Total of 20.944
  • Save extra money through Trade-In of old licenses

6
Starting Basis
192.168.1.2
192.168.1.3
HA Cluster
192.168.1.10
7
Target environment
192.168.1.2
192.168.1.3
FullHA Cluster
8
Preparation
  • take a backup of SmartCenter server!
  • change SmartCenter configuration before export
  • take note of cluster configuration and where the
    cluster object is used
  • delete cluster object from VPN communities
  • delete cluster object from security rules
  • delete cluster object from NAT rules
  • delete cluster object / cluster members

9
Preparation
  • change SmartCenter configuration before export
  • remove licenses from SmartCenter object
  • rename SmartCenter object to name of first UTM-1
    cluster node
  • change IP address of SmartCenter object to IP
    address of first UTM-1 cluster node
  • do upgrade_export on SmartCenter

10
Migration
  • install and configure first UTM-1 appliance
  • locally managed
  • Important do not install it as part of a cluster
  • copy configuration to machine
  • import the configuration with upgrade_import
  • install and configure second UTM-1 appliance
  • locally managed
  • install as secondary cluster member
  • Enter SIC secret
  • make first appliance primary cluster member ?
    this is where the magic happens!

11
Migration
  • access SmartCenter with GUI clients
  • attach new licenses with SmartUpdate
  • configure UTM-1 cluster using SmartDashboard
  • follow the wizard
  • complete cluster configuration
  • office mode
  • VPN communities
  • .
  • ? refer to notes taken (old config)
  • configure Management HA
  • sync SmartCenter

12
Questions?
13
Still got a question?
  • Tobias Lachmann
  • Technical Consultant
  • MCS Moorbek Computer Systeme GmbH
  • Essener Bogen 17
  • 22419 Hamburg
  • tobias.lachmann_at_mcs.de
  • Telefon 040 / 53773 - 160
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Migration from a Distributed Environment to an UTM1 Cluster" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!