Migrating an On-premises Security Management Server to Harmony Endpoint

With Harmony Endpoint, you can migrate from an on-premises Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. to a Harmony Endpoint cloud tenant in the Infinity Portal.

Use Case

You are using the on-premises Security Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. to manage Harmony Endpoint Security clients installed on the endpoints. You wish to use the Harmony Endpoint cloud service on the Infinity Portal for management.


Make sure that the Security Management Server and the Harmony Endpoint EPMaaS are running the same versions.

  • If the versions are not the same, upgrade the Security Management Server to match the Harmony Endpoint EPMaaS version.

  • To know the Harmony Endpoint EPMaaS version, click Service Management and see Service Version.


  • Migration of Security Management Server from an environment with High Availability and Secondary server to Harmony Endpoint is not supported. For more details, contact Check Point Support.

  • During the import process, the Harmony Endpoint Administrator Portal is locked for use.

Known Limitations

See sk179713.

Migrating to Harmony Endpoint

To migrate an on-premises Security Management Server to Harmony Endpoint:

  1. Log in to Infinity Portal and access the Harmony Endpoint Administrator Portal.

  2. Go to Endpoint Settings > Migration Tool.

  3. Click Download.

    The system downloads the migration script.

  4. In the Harmony Endpoint Administrator Portal, copy the commands from the Migration Tool page Export Data.

  5. Transfer the downloaded migration script to a directory on the Security Management Server.

  6. On the Security Management Server, open the command line and run the commands you copied.

    The system generates encrypted_export.tgz file.

  7. Transfer the encrypted_export.tgz file to the local computer.

  8. In the Migration Tool page Import Data, click Browse and select the encrypted_export.tgz file.

  9. Click Upload & Start.

    Note - Infinity Portal supports the upload of files up to 5 GB. If the export file size exceeds 5 GB, contact Check Point Support.

    You receive a confirmation mail when the import is complete.

  10. Continue with the post-migration steps. For more information, see sk179687.

  11. Run the Reconnect tool on all the endpoints to reconnect to the Harmony Endpoint service on the Infinity Portal. For more information, see Reconnect Tool.