Starting from Take 135 of R80.30 Jumbo Hotfix Accumulator (PRJ-5250), you can export the entire management database from a Domain Management Server on one R80.30 Multi-Domain Server and import it on another R80.30 Multi-Domain Server.
Workflow:
Step 1 of 5: On the source Multi-Domain Server, export the Domain Management Server
Step |
Description |
---|---|
1 |
Run this API:
For API documentation, see the Check Point Management API Reference - search for migrate-export-domain. |
2 |
Calculate the MD5 of the export file:
|
Step 2 of 5: Transfer the export file to the target Multi-Domain Server
Step |
Description |
---|---|
1 |
Transfer the export file from the source Multi-Domain Server to the target Multi-Domain Server, to some directory. Note - Make sure to transfer the file in the binary mode. |
2 |
Make sure the transferred file is not corrupted. Calculate the MD5 for the transferred file and compare it to the MD5 that you calculated on the source Multi-Domain Server:
|
Step 3 of 5: On the target Multi-Domain Server, import the Domain Management Server
Step |
Description |
---|---|
1 |
Run this API:
For API documentation, see the Check Point Management API Reference - search for migrate-import-domain. |
2 |
Make sure that all the required daemons (FWM, FWD, CPD, and CPCA) are in the state "up" and show their PID (the "pnd" state is also acceptable):
If some of the required daemons on a Domain Management Server are in the state "down", then wait for 5-10 minutes, restart that Domain Management Server and check again. Run these three commands:
|
Step 4 of 5: Configure and assign the Administrators and GUI clients
Step |
Description |
---|---|
1 |
Configure the Multi-Domain Server Administrators and GUI clients:
|
2 |
Assign the Administrators to the Domains. See the R80.30 Multi-Domain Security Management Administration Guide - Chapter Managing Domains - Section Creating a New Domain and Section Assigning Trusted Clients to Domains. |
Step 5 of 5: Install policy on all managed Security Gateways and Clusters
Step |
Description |
---|---|
1 |
Connect with SmartConsole to the Active Domain (to which this Domain Management Server belongs). |
2 |
Install the applicable policies on all managed Security Gateways and Clusters. |