Upgrading Security Management Servers in Management High Availability from R80.20 and higher
|
Notes:
|
|
Important - Before you can install Hotfixes on servers that work in Management High Availability, you must upgrade all these servers. |
Procedure:
Step |
Instructions |
||
---|---|---|---|
1 |
Upgrade the Primary Security Management Server with one of the supported methods.
|
||
2 |
Upgrade the Secondary Security Management Server with one of the supported methods.
|
||
3 |
Get the R81.20 SmartConsole. |
||
4 |
Connect with SmartConsole to the R81.20 Primary Security Management Server. |
||
5 |
Update the object version of the Secondary Security Management Server:
|
||
6 |
Make sure Secure Internal Communication (SIC) works correctly with the Secondary Security Management Server:
|
||
7 |
Upgrade the dedicated Log Servers and SmartEvent Servers. Follow the applicable procedure in Upgrade of Security Management Servers and Log Servers.
|
||
8 |
Install the management database:
|
||
9 |
Install the Event Policy.
|
||
10 |
Synchronize the Security Management Servers:
|
If you installed the target R81.20 Security Management Server with a different IP address than the source Security Management Server, you must create a special JSON configuration file before you import the management database from the source Security Management Server. Note that you have to issue licenses for the new IP address.
|
Important:
|
To create the required JSON configuration file:
Step |
Instructions |
|||
---|---|---|---|---|
1 |
Connect to the command line on the target R81.20 Security Management Server. |
|||
2 |
Log in to the Expert mode. |
|||
3 |
Create the Format for migrating only the Primary Security Management Server to a new IP address
Format for migrating both the Primary and the Secondary Security Management Server to new IP addresses
Format for migrating both the Primary and the Secondary Security Management Servers, and the Log Server to new IP addresses
|
|||
|
Example
There are 3 servers in the R80.30 Security Management environment - the Primary Security Management Server, the Secondary Security Management Server, and the Log Server Dedicated Check Point server that runs Check Point software to store and process logs.. Both the Primary and the Secondary Security Management Servers migrate to new IP addresses. The Log Server remains with the original IP address.
|