Firewall Wizards mailing list archives

Re: Backup Checkpoint Firewall

From: Nathaniel Hall <halln () otc edu>
Date: Tue, 17 May 2005 10:51:55 -0500

Thanks for the input.  My next problem is with upgrade_export it says the following:

"You are required to close all Check Point clients before the export begins. If the export fails, stop Check Pointservices and run the upgrade_export command again. Press ENTER when ready.."

Problem 1) How can I ensure all clients are closed? My first thought was to run cpstop, but my coworker said it used toonly stop the Dashboard, but now it stops everything. That is a problem since backups are going on at the same time.


Problem 2)      Press ENTER when ready.  How would I do that in a batch file?

I know this is not the best place for problem 2, but it is still a problem.

Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln () otc edu
417-447-7535
GPG Public Key ID: 0xAC187312


Paul Melson wrote:

I would use upgrade-export on the SmartCenter server to create backups.
This should get you everything you could ever hope to restore into a single
file.  It definitely meets the last two criteria, and it should be easy
enough to encrypt, since the actual export is a tar/gzip archive.  To
restore, you use the appropriately-named upgrade-import tool.

PaulM

-----Original Message-----
Subject: [fw-wiz] Backup Checkpoint Firewall
I am working on creating a secure means to backup a CheckPoint FW-1 with AI
firewall.  I have procedures for encrypting the information, but what is the
best way to get all of the configuration?  Here is what I would like to
have:

        Text output (preferred, I can encrypt to ASCII if needed)
        All configuration settings
        Easy way to import into a new installation

If this is possible, what would be the command to execute to get the backup
and the command to import it back in?  If it isn't possible, what is the
best way?


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Backup Checkpoint Firewall Nathaniel Hall (May 17)
- RE: Backup Checkpoint Firewall Paul Melson (May 17)
- Re: Backup Checkpoint Firewall John Adams (May 17)
- Re: Backup Checkpoint Firewall Erick Mechler (May 17)
- <Possible follow-ups>
- Re: Backup Checkpoint Firewall Nathaniel Hall (May 17)
  - RE: Backup Checkpoint Firewall Paul Melson (May 17)