Automate backup for Check Point devices without scripts

Check Point® configuration backup is the process of making a copy of the complete configuration and settings for Check Point devices. Configuration backups allow network administrators to recover quickly from a device failure, roll back from misconfiguration or simply revert a device to a previous state.

Because configurations change in time, configuration backups for Check Point should be created regularly and stored in a secure location.

Restorepoint includes support for the following Check Point device types:

  • GAIA
  • SecurePlatform based devices
  • IP Series - IPSO (Nokia)
  • SmartCenter
  • Provider-1
  • Smart-1
  • VSX
  • UTM Edge X
  • Connectra
  • SG80/1100 Series

Restorepoint can use SCP, SSH, telnet and TFTP to retrieve the configuration.

Usage scenario: Restorepoint and SmartCenter failure

The Check Point SmartCenter is an integral component in a Check Point firewall deployment; it enables organisations to perform all aspects of security management via a single, unified console. However, even if the SmartCenter contains all the security policy information for all the gateways, it does not store critical configuration information about a SecurePlatform-based appliance, in particular:

  • Gateway interface IP addresses (although this information is available in the SmartCenter, it cannot be "pushed" by the SmartCenter to the gateway)
  • Routing tables
  • SIC Certificates
  • SSH keys
  • Local Secureplatform administrator accounts

In practice, the SmartCenter can only install a security policy on a new gateway (for instance, in a disaster recovery scenario) after all the interfaces and routing tables have been configured, and the SIC trust have been established. In a disaster scenario where the SmartCenter server needs to be rebuilt from scratch, the lack of a full configuration backup could make the difference between being back up and running in a few minutes and an extended outage. For example, the lack of a backup of the SIC data will require re-initialising SIC on the SmartCenter, and reset/re-initialise SIC on all gateways (which causes a gateway restart).    Restorepoint performs a full configuration backup, and can restore on to a newly installed Secureplatform server, making it virtually identical to the original server before the failure.

Restorepoint enables organisations to remove network management complexity by putting routine tasks such as network configuration backup, compliance and change management tasks on autopilot across their multi-vendor network infrastructure.

Using Restorepoint's simple graphical user interface network administrators can quickly schedule network device backups without scripts, analyse devices to ensure security, compliance and automate bulk changes that would otherwise take hours or days to implement manually. Learn more about how Restorepoint how you can save time and ensure you meet your disaster recovery and compliance needs.