Re: [FW-1] Backup of Solaris

Subject:	Re: [FW-1] Backup of Solaris
From:	Ramki Security <ramki.security AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 28 Mar 2006 21:44:45 -0500

By far the best way I have seen and also the check point recommended wayis to use upgrade_export to export the firewall configuration if you areusing NGAI R55 or later.


Ramki

Hal Dorsman wrote:

Yes, this is good advice.  By far ufsdump is the best way to clone your
entire disk
from one machine to another.  However, I suppose it is just another
strategy, but I
feel that is you are going to have a backup hardware system, you might
as well go ahead
and build it exactly like your primary, and you don't need an external
disk or mess
with ufsdump and altering your vfstab.  I simply installed my secondary
OS exactly like
my primary, and when my firewall and interface stuff was set up
(including OS hardening),
I tarred up /etc and firewall conf directory, ftp'ed it over to my
secondary, and reboot
secondary.  Voila' ! Identical secondary backup since Solaris gets
everything out of /etc,
including your hardening in RC start files.  I keep my secondary
running, and periodically

retar my /etc and fwconf, and copy over to secondary.

Then Downtime=<time to move your network cables>.

hope this helps.

best regards,

Hal

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of
Reiner.Krause AT GMX DOT DE
Sent: Monday, March 27, 2006 10:39 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Backup of Solaris


Hi,
the easiest way is to connect an external Disk to the Sytsme and make an
ufsdump (with cron) of all partions. With a little script (sed) you have
to modify the vfstab and set an bootblock on the disk.

If your system crashes you can boot the external disk from an other
machine (same Hardware). Downtime = Boottime. If you need a script mail
me.

Regards
Reiner

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Bhavin
Gandhi
Sent: Tuesday, March 28, 2006 5:50 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Backup of Solaris

Hi Hal,

Thanks for pointing that.... how can the same be restored in case if
server crashes.

Thanks,
bG

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]On Behalf Of Hal
Dorsman
Sent: Monday, March 27, 2006 9:40 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Backup of Solaris


As others have mentioned upgrade_export will back up FW config, but it
will not get your Solaris OS settings which are numerous.  All exist in
/etc so what I do is cd to /etc, 'tar -cvf fwbackup<date>.tar *', then
move tar file to $FWDIR/conf, then tar contents of FWDIR, then ftp tar
file off to cold standby backup server. This way you will have a tar
file that contains everything you need that you can easily move to
backup server or to tape.

You can put these steps in a script and run it with cron periodically.

hope this helps

Hal

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Bhavin
Gandhi
Sent: Monday, March 27, 2006 2:13 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Backup of Solaris


Gurus,

We have R55 Mgmt server & fw module installed on Solaris. Need help in
taking backup of the configuration.

Thanks,
bG


The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.

www.wipro.com

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Backup of Solaris, Bhavin Gandhi Re: [FW-1] Backup of Solaris, Ramakrishnan Pillai Re: [FW-1] Backup of Solaris, Bhavin Gandhi Re: [FW-1] Backup of Solaris, Hal Dorsman Re: [FW-1] Backup of Solaris, Bhavin Gandhi Re: [FW-1] Backup of Solaris, Reiner . Krause Re: [FW-1] Backup of Solaris, Hal Dorsman Re: [FW-1] Backup of Solaris, Ramki Security <=

Previous by Date:	[FW-1] SNX DNS suffix problem, billford
Next by Date:	[FW-1] Can Cisco Content Switching works with firewall cluster (Check Point+ RainWall) ?, Alexander Simbun
Previous by Thread:	Re: [FW-1] Backup of Solaris, Hal Dorsman
Next by Thread:	[FW-1] Windows mobile and SecureClient., O'Sullivan, Sean
Indexes:	[Date] [Thread] [Top] [All Lists]