Backing Up and Restoring a Domain
You can back up a Domain and later restore it on the same Multi-Domain Server
Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS..
|
|
Important:
|
Backing Up a Domain
Run this API:
|
|
For API documentation, see the Check Point Management API Reference v1.8.1 - search for backup-domain.
Restoring a Domain
-
Make sure it is possible to restore the Domain
Before you can restore a Domain, you must delete the current Domain.
Before you delete the current Domain, make sure it is possible to restore it.
Run this API with the "
verify-only" flag:restore-domainFor API documentation, see the Check Point Management API Reference v1.8.1 - search for restore-domain.
-
Delete the current Domain
Before you can restore a Domain, you must delete the current Domain.
You can perform this step in one of these ways:
-
In SmartConsole
Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. connected to the MDS context -
With the API delete domain (see the Check Point Management API Reference)
-
-
Restore the Active Domain Management Server
Run this API:
restore-domainFor API documentation, see the Check Point Management API Reference v1.8.1 - search for restore-domain.
-
Restore the Standby Domain Management Servers and Domain Log Servers
When you restore the Standby Domain Management Servers
Virtual Security Management Server that manages Security Gateways for one Domain, as part of a Multi-Domain Security Management environment. Acronym: DMS. and Domain Log Servers, they must have the same IP addresses that were used when you collected the Domain backup.For API documentation, see the Check Point Management API Reference - search for set domain
For each Standby Domain Management Server
Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server., run this API:set-domain name <Name or UID of Domain> servers.add.ip-address <IP Address of Domain Management Server> servers.add.name <Name of Domain Management Server> servers.add.multi-domain-server <Name of Multi-Domain Server> servers.add.backup-file-path <Full Path to Domain Backup File>.tgz --format jsonFor each Domain Log Server
Dedicated Check Point server that runs Check Point software to store and process logs., run this API:set-domain name <Name or UID of Domain> servers.add.ip-address <IP Address of Domain Log Server> servers.add.name <Name of Domain Log Server> servers.add.multi-domain-server <Name of Multi-Domain Server> servers.add.backup-file-path <Full Path to Domain Backup File>.tgz --format jsonservers.add.type "log server" -
Configure and assign the Administrators and GUI clients
You must again configure the Multi-Domain Server Administrators and GUI clients and assign them to the Domains.
-
Configure the Multi-Domain Server Administrators and GUI clients:
-
Run the
mdsconfigcommand -
Configure the Administrators
-
Configure the GUI clients
-
-
Assign the Administrators and GUI clients to the Domains:
See Backing Up and Restoring a Domain and Backing Up and Restoring a Domain.
-
-
Install policy on all managed Security Gateways and Clusters
-
Connect with SmartConsole to the restored Active Domain.
-
Install the applicable policies on all managed Security Gateways and Clusters.
-