There are a few methods to perform a backup of your Check Point system running Gaia OS. They differ by size, time of creation and content. This article provides overview of all available backup methods and recommendation for configuring an effective backup scheme.
The built-in Gaia backup procedures:
Snapshot Management
System Backup (and System Restore)
Save/Show Configuration (and Load Configuration)
All methods can be used to back up your Security Gateways, Security Management and Multi-Domain Server.
All methods are appliance-specific and can only be restored on the same model of appliance.
2. Snapshot Management
The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be saved.
3. System Backup (and System Restore)
System Backup can be used to back up current system configuration. A backup creates a compressed file that contains the Check Point configuration. This file includes the networking and operating system parameters, such as routing and interface configuration etc., but unlike a Gaia snapshot, it does not include the operating system, product binaries, and hotfixes.
Note: A Gaia backup, unlike a Gaia snapshot, can be restored on the same or a different appliance running the same Check Point Gaia OS version and hotfixes.
4. Save Configuration (and Load Configuration)
Allows saving Gaia OS configuration settings as a ready-to-run CLI script. This allows you to review your current setup and quickly restore the Gaia OS configuration.
5. Recommended Backup Plan
For complete backup of the system and maximum confidence, Check Points recommends combining all three methods as part of the backup plan (Snapshot Management, System Backup/Restore, Save/Load Configuration). This allows multiple restore points, redundancy, and reliability of overall restore procedure.
Collect:
Snapshot - after a fresh installation, before an upgrade, and before a hotfix installation.
Scheduled Backup - monthly or weekly, depending how frequently you perform changes in your configuration and policy.
6. Recommended Steps in Case of Disaster Recovery
Do one of these:
Revert to a Gaia Snapshot - restores the Check Point version with all the setup details, including type (management/gateway) and installation of hotfixes.
Restore from a Gaia Backup - restores latest system configuration with all recent network and security configuration.
Compare the output of Gaia Clish command "show configuration" to the saved configuration to verify that Gaia OS configuration was restored properly.
If this is a Security Gateway / StandAlone, install policy on this machine.
Use the flag "-l" in the syntax to back up the SmartView Tracker logs as well.
Does it support automatic scheduling?
R81 and higher - Yes
R80.40 and lower - No
Yes
No
No
Can you restore from different version?
Yes
Note: Snapshots cannot be restored from a version which includes different partitioning system (e.g. GPT) or default filesystem (e.g. XFS). For example, you cannot restore a snapshot from the R77.30 version on an R80.30 3.10 version.
No
With manual adjustments
Upgrade is performed when importing to a newer version
Does it require to close SmartConsole GUI clients?
No
R81 and higher - No
R80.40 - No (only from R80.40 Jumbo Hotfix Accumulator Take 53)
R80.30 - No (only from R80.30 Jumbo Hotfix Accumulator Take 215)
R80.20 - Yes
R80.10 - No (only from R80.10 Jumbo Hotfix Accumulator Take 278)
