Of largest significance are your policy file, .W, and objects.C -- from these two you can regenerate the rulebases.fws file
(./fw m -g *.W).
The cp.license file may be useful, but if you know your certificate key, you can request a copy of it from the checkpoint license site.
The fwauth.NDB (mgmt. module only) file keeps information about your users & user-groups, so unless you're not doing any authentication or
securemote (minus LDAP stored users..), you'll want to grab this file too.
The fwauth.keys file contains all the putkeys you've set -- backing this up probably isn't necessary since you'll have to redo the putkeys
anyways. This may not be existant if in single gateway mode with no opsec add-ons tied into it.
The fwmusers (mgmt. station only) file contains all the usernames and passwords (including permissions), for GUI-Client access.
The gui-clients (mgmt. station only) file tells which remote systems are allowed to log into the management station via the GUI and manage it.
The masters file (fw module only) just has the address of the management server in it.
The product.conf file tells which options you have purchased, want turned on, and such.. restoring it will save some reconfiguring.
The seed file will allow you to utilize the parts that are stored encrypted -- user passwords and such. Without it, expect to change a
lot of passwords.
The sync.conf (fw modules only) file is used when doing high-availability state-synchronization.
The serverkeys file (or serverkeys.* on unix) are hashes of the putkeys (fwauth.keys file).
(./fw m -g *.W).
The cp.license file may be useful, but if you know your certificate key, you can request a copy of it from the checkpoint license site.
The fwauth.NDB (mgmt. module only) file keeps information about your users & user-groups, so unless you're not doing any authentication or
securemote (minus LDAP stored users..), you'll want to grab this file too.
The fwauth.keys file contains all the putkeys you've set -- backing this up probably isn't necessary since you'll have to redo the putkeys
anyways. This may not be existant if in single gateway mode with no opsec add-ons tied into it.
The fwmusers (mgmt. station only) file contains all the usernames and passwords (including permissions), for GUI-Client access.
The gui-clients (mgmt. station only) file tells which remote systems are allowed to log into the management station via the GUI and manage it.
The masters file (fw module only) just has the address of the management server in it.
The product.conf file tells which options you have purchased, want turned on, and such.. restoring it will save some reconfiguring.
The seed file will allow you to utilize the parts that are stored encrypted -- user passwords and such. Without it, expect to change a
lot of passwords.
The sync.conf (fw modules only) file is used when doing high-availability state-synchronization.
The serverkeys file (or serverkeys.* on unix) are hashes of the putkeys (fwauth.keys file).
No comments:
Post a Comment