Those are my personal notes towards the certification and do not reflect any training from Check Point
For official Information please refer to sk163417.
- Chapter 1: Introduction to Advanced Deployments
- Chapter 2: Management High Availability
- Chapter 3: Advanced Gateway Deployment
Chapter 1: Introduction to Advanced Deployments
# netstat -tulnp
api status
top
show clock
show timezone
show ntp servers
mgmt_cli unlock-administrator name cpadmin -d ‘Sytem Data’ -r true
mgmt_cli add host name “B-Host” ip-address “192.168.21.201” color “sea green” comments “Bravo site host PC”
Chapter 2: Management High Availability
The basic components are a Primary / Active Security Management Server and one or more Secondary / Standby Management Server(s).
Other Types of Servers
Log Server
Smart Event
Syncronization
Postgres DB not LOGs
Deployment
Two-Part process
P1 Gaia First Time Wizard
P2 Object and SIC
Unique License needed, check with cplic check mgmtha
Sync Failuers
Hot Fix missmatch
CLOCK differ
Installed Products differ
Active and Standby Changeover
Manual Process
From Smart Console
Connect to an standby server and over menu select “Management High Availability”. Use the Action Button to change to Active.
Before: Publish all Sessions
Manualy Sync the Active and Standby.
Backup and Restore
Dedicated Log Server
License CLM Custom Log Modul
SmartEvent Server
Full Visibilty
Real Time Forensics
Imediate Response
Automatic Reaktion :
Block Source (SAM) Suspicious Activiti Monitoring.
LAB
Patrick Marc's Networks 