Procédure de mise à niveau de Check Point de R80.20 / R80.30 à R80.40

, Check Point . R77.30 R80.10. , 2020- R77.30 . 2 Check Point . “Check Point Gaia R80.40. ?” , . . 

, 2 Check Point: Standalone Distributed, . Distributed :

  • ;

  • , ;

  • SmartEvent, Standalone ;

  • Distributed .

Distributed , .

Security Management Server (SMS)

2 SMS:

  • CPUSE ( Gaia Portal)

  • Migration Tools ( - fresh install)

CPUSE Check Point, . , .

Migration Tools - . , SMS “”, - , .

1) . , - Gaia Portal. Maintenance > System Backup > Backup. . SCP, FTP, TFTP , .

Figure 1. Faire une sauvegarde dans Gaia Portal
1. Gaia Portal

2) Maintenance → Snapshot Management → New. , , . , , .

, . .

Figure 2. Création d'un instantané dans Gaia Portal
2. Gaia Portal

3) Gaia Portal. , Gaia Portal, Clish save configuration <filename>. WinSCP .

Figure 3. Enregistrement de la configuration dans un fichier texte)
3. )

: WinSCP , shell /bin/bash - Users, chsh –s /bin/bash <username>.

CPUSE

4) 3 . , - Upgrades (CPUSE) > Status and Actions > Major Versions > Check Point R80.40 Gaia Fresh Install and Upgrade. Verifier. , , . , .

Figure 4. Mise à jour via CPUSE
4. CPUSE

5) CDT (Central Deployment Tool) - , , , , , . CDT . CDT .

6) SMS WinSCP, SSH SMS . , WinSCP shell /bin/bash!

7) : 

cd /somepathtoCDT/

tar -zxvf <NameofCDTPackage>.tgz

rpm -Uhv --force CPcdt-00-00.i386.rpm

Figure 5. Installation de l'outil de déploiement central (CDT)
5. Central Deployment Tool (CDT)

8) R80.40. Download, Install. , 20-30, - . , .

9) , SmartConsole R80.40.

10) SMS SmartConsole . Install Policy .

11) SMS , . Upgrades (CPUSE) > Status and Actions > Hotfixes Verifier, Install Update. .

 6.     CPUSE
6. CPUSE

Migration Tools

4) CDT - 5, 6, 7 “ CPUSE”.

5) Migration Tools . Migration Tools : R80.20, R80.20 M1, R80.20 M2, R80.30, R80.40. Migration Tools , , , ! R80.40.

6) - SMS Upgrades (CPUSE) > Status and Actions > Import Package > Browse > > Import.

 7.  Migration Tools
7. Migration Tools

7) SMS , Migration Tools ( Migration Tools):

cpprod_util CPPROD_GetValue CPupgrade-tools-R80.40 BuildNumber 1

 8.   Migration Tools
8. Migration Tools

8) $FWDIR/scripts :

cd $FWDIR/scripts

9) pre-upgrade verifier ( ) ( , ):

./migrate_server verify -v R80.40

: “Failed to retrieve Upgrade Tools package”, , (. 4), :

./migrate_server verify -v R80.40 -skip_upgrade_tools_check

 9.
9.

10) :

./migrate_server export -v R80.40 /<Full Path>/<Name of Exported File>.tgz

 10.
10.

: “Failed to retrieve Upgrade Tools package”, , ( 7), :

./migrate_server export -skip_upgrade_tools_check -v R80.40 /<Full Path>/<Name of Exported File>.tgz

11) MD5 - :

md5sum /<Full Path>/<Name of Exported File>.tgz

 11.  MD5 -
11. MD5 -

12) WinSCP .

13) df -h , .

 12.     SMS
12. SMS

14.1) , SMS

14.1.1) Isomorphic Tool USB Gaia R80.40

14.1.2) 2 , , . 

14.1.3) ISOmorphic.exe. 1 Gaia R80.40, 4 . 2 3 !

 13.
13.

14.1.4) “Install automatically without confirmation” . SMS 3 4 .

 14.
14.

14.1.5) , USB , COM SMS. . IP- - 192.168.1.1/24, admin / admin.

14.1.6) Gaia Portal ( https://192.168.1.1), . Next, . IP-, DNS hostname.

14.2) , SMS

14.2.1) SMS, (CPU, RAM, HDD) IP-. , RAM HDD , R80.40 . IP-, SMS .

14.2.2) Gaia IP- /root . , df -h.

15) “Installation Type” , , , MDS (Multi-Domain Server). MDS, SMS . .

 15.   Gaia
15. Gaia

16) , - . Security Management Next. .

 16.      Gaia
16. Gaia

17) , https://192.168.1.1 IP-, .

18)  Gaia Portal, - clish load configuration <filename>.txt. SMS.

: , , WinSCP , shell /bin/bash - Users, chsh –s /bin/bash <username> .

19) . , MD5 . :

md5sum /<Full Path>/<Name of Exported File>.tgz

20) 6 Upgrade Tools SMS Gaia Portal Upgrades (CPUSE) > Status and Actions.

21) :

./migrate_server import -v R80.40 -skip_upgrade_tools_check /<Full Path>/<Name of Exported File>.tgz

 17.      SMS
17. SMS

22) cpstart.

23) SmartConsole R80.40 . Menu > Manage Licenses and Packages (SmartUpdate) , .

 18.
18.

24) - Install Policy.

Security Gateway (SG)

CPUSE, , - fresh install. 99% Security Gateway , , CPUSE, .

SMS , Gaia Portal. 1, 2 3 " Security Management Server".

CPUSE

Security Gateway CPUSE , Security Management Server, , .

: SG ! . , , .   .

Security Gateway

1.1) , SG

1.1.1) Isomorphic Tool USB Gaia R80.40. , SMS, .

1.1.2) 2 , , . 

1.1.3) ISOmorphic.exe. 1 Gaia R80.40, 4 . 2 3 !

 19.
19.

1.1.4) “Install automatically without confirmation”, Security Gateway - 2 3. (SandBlast Appliance), 5.

 20.
20.

1.1.5) , USB , COM . . IP- - 192.168.1.1/24, admin / admin. , , . , .

1.1.6) Gaia Portal, . Next, . IP-, DNS hostname.

1.2) , SG

1.2.1) (CPU, RAM, HDD) , R80.40 . IP- IP-. SG , , - - .

1.2.2) IP- /root .

3) HTTPS . “Installation Type” - Security Gateway and/or Security Management.

 21.    Gaia
21. Gaia

4) - (Products). Security Gateway , , “Unit is a part of a cluster, type: ClusterXL”. VRRP, , .

 22.      Gaia
22. Gaia

5)  SIC . , . “Connect to your Management as a Service” , . , .

 23.  SIC
23. SIC

6) . , Gaia Portal, - clish load configuration <filename>.txt. .

: , , WinSCP , shell /bin/bash - Users, chsh –s /bin/bash <username> shell.

7) SmartConsole R80.40 , . General Properties > Communication > Reset SIC , 5.

 24.
24.

8) Gaia , , . .

9) Gaia Portal Upgrades (CPUSE) > Status and Actions > Hotfixes . !

10) , .

R80.20/R80.30 R80.40, . Gaia R81 , . Check Point, .

. CPSupport. Check Point .

Check Point TS Solution. (Telegram, Facebook, VK, TS Solution Blog, .).




All Articles