Nokia IP Firewall - Replacing - Planning Downtime

We are soon to be replacing a Nokia IP 330 Firewall Device (running CheckPoint) with a replacement Nokia IP390 (running CheckPoint).

How feasible is it to bring the new box up alongside the old one and do the configuration without disrupting the existing IP330 (to minimise downtime), and then just down the 330 for the final IP switchover etc.?

How much downtime of the 330 is likely to be required in order to replace it with the 390?

We are trying to decide whether to do the work on a weekend when we can plan a whole day downtime or whether to do the work in a working day and plan minimal downtime.

K

First off, make sure they're running the same versions of IPSO and CP and the same HFA levels. Also make sure they have precisely the same name, and it is case-sensitive.

Distributed environment or standalone?

If standalone, use the upgrade_export utility to export the current config, then set up the IP390 interfaces, routing table, hosts file, etc. while off the network. Move the .tgz file over to the new one and run upgrade_import and you should be ready to go.

If distributed, set up the new one precisely the same as the old one but off the network. Connect the SmartCenter to the IP390 using a crossover cable, establish SIC and push the policy.

In a distributed environment, you can run for a long time without the SmartCenter being up. I think the CRL is cached for seven days.

Once you make the cutover, reboot all of the devices connected to the firewall interfaces to clear their ARP caches and you should be ready to go. If you cannot reboot one or more of the devices, I've seen it take as long as a half-hour for the ARP caches to clear and traffic to start flowing.

HTH,

Ray

JJ
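
The ARP-cache point in the reply above can be verified after cutover instead of waited out: this added example (not part of the original posts) checks a Linux host's neighbour table against the MAC addresses of the replacement unit. It assumes `ip neigh show` output; the `check_cutover` helper, the IP addresses and the MAC addresses are constructed for illustration.

```python
import re

# One line of Linux `ip neigh show` output, e.g.
#   192.0.2.1 dev eth0 lladdr 02:00:00:00:03:30 STALE
# FAILED/INCOMPLETE entries carry no lladdr field.
NEIGH_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+(?P<dev>\S+)"
    r"(?:\s+lladdr\s+(?P<mac>[0-9A-Fa-f:.-]+))?"
    r"(?:\s+router)?\s+(?P<state>[A-Z]+)\s*$"
)

def norm_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def check_cutover(neigh_output, expected):
    """Classify each firewall IP in one host's neighbour table.

    expected maps firewall interface IP -> MAC of the replacement unit.
    """
    seen = {}
    for line in neigh_output.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            seen[m["ip"]] = m["mac"]
    result = {}
    for ip, new_mac in expected.items():
        if ip not in seen:
            result[ip] = "absent"      # no entry: next packet triggers a fresh ARP
        elif seen[ip] is None:
            result[ip] = "unresolved"  # nothing answered ARP for this address
        elif norm_mac(seen[ip]) == norm_mac(new_mac):
            result[ip] = "updated"     # host already talks to the new unit
        else:
            result[ip] = "wrong-mac"   # cache still holds another MAC (old unit)
    return result

# Constructed sample: a host attached to three firewall segments after cutover.
SAMPLE = """\
192.0.2.1 dev eth0 lladdr 02:00:00:00:03:30 STALE
198.51.100.1 dev eth1 lladdr 02:00:00:00:03:91 REACHABLE
203.0.113.1 dev eth2  FAILED
"""
EXPECTED = {"192.0.2.1": "02:00:00:00:03:90", "198.51.100.1": "02-00-00-00-03-91",
            "203.0.113.1": "02:00:00:00:03:92", "203.0.113.129": "02:00:00:00:03:93"}

if __name__ == "__main__":
    for ip, status in check_cutover(SAMPLE, EXPECTED).items():
        print(f"{ip:15} {status}")
```

Hosts reported as `wrong-mac` are the ones that still need a reboot or an ARP cache flush before traffic will reach the new firewall.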
