Been working on migration and upgrade plans for my customers. March 31st is not far off, and R65 is near “end of support.” I did a video that shows what the upgrade process looks like for a basic Provider-1 environment. My lab MDS was on R70.30 and I needed to move it up to R75. This video will show you what that process looks like. I also wanted to show a little trick for mounting a DVD image locally on the MDS, and how to kick off the upgrade.

Provider-1 R75 Upgrade Walkthrough Video

8 thoughts on “Provider-1 R75 Upgrade Walkthrough Video

  • March 8, 2011 at 6:35 pm
    Permalink

    Hi there. Any reason why you ran the “mds_setup” rather than simply running “patch add cd” because the way you have done it, you have missed out on the SecurePlatform upgrades which would normally occur at the same time.

  • March 10, 2011 at 3:09 pm
    Permalink

    Great question. The reason I mounted the .iso and used ‘mds_setup’ instead of ‘patch add cd’ is that I wanted people to see that there are some new features in the R71/R75 ‘mds_setup’ script ( which I will be doing some follow-up videos on). Running either ‘patch add cd’ or ‘mds_setup’ -> ‘Upgrade’ will upgrade both SPlat and the Check Point applications. In Solaris, running mds_setup would not upgrade the OS. I verified this with CP support, but if you have any further information that would lead you to believe that SPlat is not being updated when using mds_setup in R71/R75 please let me know.

  • March 14, 2011 at 1:26 pm
    Permalink

    Yes, I pulled apart the upgrade scripts last night and found, as you stated, that it does exactly the same thing. One wonders why Check Point would over-engineer it such…

  • March 14, 2011 at 2:17 pm
    Permalink

    Kudos to you for verifying that! I am not sure that I agree that this is over-engineered. I think it’s somewhat simplified in that I don’t have to worry about running two sets of patches, and having to think about which to put on first etc. I know from time to time a hotfix may need to be installed, or an RPM to address something on the OS. However for the vast majority, I think simpler is better which means waiting until a major/minor version becomes available and applying it then.

    I am not quite sure I agree/understand the new “mds_setup > export to mds_import” vs. “mds_backup and mds_restore” options introduced in R71. I am still playing around with both and trying to decide when one is really an advantage over another.

  • November 18, 2011 at 5:52 am
    Permalink

    I just did an upgrade from R70.40 to R75 and at OS version I see is R70. I used mds_setup instead of patch add cd.
    Is it normal?

    # cpstat os

    Product Name: SVN Foundation
    SVN Foundation Version String: R75
    SVN Foundation Build Number: 979000247
    SVN Foundation Status: OK
    OS Name: SecurePlatform Pro
    OS Major Version: –
    OS Minor Version: –
    OS Build Number: –
    OS SP Major: –
    OS SP Minor: –
    OS Version Level: R70 R70

  • December 7, 2011 at 1:00 am
    Permalink

    @Akos_Beginner

    Great question. Yes it is normal. There are several different ways and tools for performing an upgrade. The R71 and R75 CDs come with an upgrade utility that is on the CD itself in the ‘linux’ directory, and this is invoked through “mds_setup.” I am guessing you used this tool for your upgrade, and it is probably one of the easier paths to take. My reason for posting this video was to address the size issue of R75 and how it can only fit on a DVD. There are a lot of open platform gateways in production that still only have CDROM drives, so this might make mounting the .iso image locally a necessity.

  • December 8, 2011 at 11:01 am
    Permalink

    Hi! fireverse, Can you help me with a problem, I try migrate a Security Management (R75.20) to Provider-1 (R75.20), but I can’t upgrade the policies on Provider-1, I tried with differents commands, cma_migrate, migrate export, etc… unsuccessfully

    Can you tell me how i can to do it?

    thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *