Clicky

Automate backup for Check Point devices without scripts

Check Point® configuration backup is the process of making a copy of the complete configuration and settings for Check Point devices. Configuration backups allow network administrators to recover quickly from a device failure, roll back from misconfiguration or simply revert a device to a previous state.

Because configurations change in time, configuration backups for Check Point should be created regularly and stored in a secure location.

Restorepoint includes support for the following device types:
  • GAIA
  • SecurePlatform based devices
  • IP Series - IPSO (Nokia)
  • SmartCenter
  • Provider-1
  • Smart-1
  • VSX
  • UTM Edge X
  • Connectra
  • SG80/1100 Series

Restorepoint can use SCP, SSH, telnet and TFTP to retrieve the configuration.

Usage scenario: Restorepoint and SmartCenter failure

The Check Point SmartCenter is an integral component in a Check Point firewall deployment; it enables organisations to perform all aspects of security management via a single, unified console. However, even if the SmartCenter contains all the security policy information for all the gateways, it does not store critical configuration information about a SecurePlatform-based appliance, in particular:

  • Gateway interface IP addresses (although this information is available in the SmartCenter, it cannot be "pushed" by the SmartCenter to the gateway)
  • Routing tables
  • SIC Certificates
  • SSH keys
  • Local Secureplatform administrator accounts

In practice, the SmartCenter can only install a security policy on a new gateway (for instance, in a disaster recovery scenario) after all the interfaces and routing tables have been configured, and the SIC trust have been established. In a disaster scenario where the SmartCenter server needs to be rebuilt from scratch, the lack of a full configuration backup could make the difference between being back up and running in a few minutes and an extended outage. For example, the lack of a backup of the SIC data will require re-initialising SIC on the SmartCenter, and reset/re-initialise SIC on all gateways (which causes a gateway restart).    Restorepoint performs a full configuration backup, and can restore on to a newly installed Secureplatform server, making it virtually identical to the original server before the failure.

Restorepoint enables organisations to automate network management, compliance management, and to make changes faster across their multi-vendor network infrastructure. Using Restorepoint you can save hours of administration time per week by automating critical network processes, all without scripts or repetitive manual processes.

We remove the complexity from network management, ensuring you're able to put routine tasks on auto-pilot.  Learn more about how Restorepoint can automate Network Configuration Backup, Compliance Auditing, Change Detection, and Change Management for all of your network, security and storage devices.