Skip to main content
vishal
vishal
Visitor III
March 15, 2023
Question

Checkpoint to fortigate migration

  • March 15, 2023
  • 2 replies
  • 9952 views

Hi All,

 

Need to migrate checkpoint to Fortigate using forticonvertor tool. Can anyone help me what are points i need to considered or prequiste i need to collect for smooth migration.

 

 

2 replies

jintrah_FTNT
Staff
jintrah_FTNT
Staff
March 15, 2023

Hi Vishal,

 

Please check Check Point Conversions | FortiConverter Tool 7.0.1 (fortinet.com)

 

best regards,

Jin

vishal
vishalAuthor
Visitor III
March 15, 2023

Hi Jintrah,

 

Thank you for your response. But my checkpoint  Smart console and gateway (firewall) are at R.77.10. I'm not finding any document to convert checkpoint configuration of above version using forticonvertor to fortigate.

 

Please share it if you have any.

jintrah_FTNT
Staff
jintrah_FTNT
Staff
March 15, 2023

Hi,

 

Should be done in same manner as other versions, Forticonverter 7.0.1 supports NGX R65 onwards, found in https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/012b3e07-7667-11ed-8e6d-fa163e15d75b/forticonverter-7.0.1-release_notes.pdf

 

best regards,

Jin

maskabone
maskabone
New Member
March 15, 2023

Hello all,

So I never worked with checkpoint FWs. I will do a checkpoint > fortigate migration and curios about some stuff in checkpoint. I especially would like someone that have done the same migration (from checkpoint > fortigate)

  1. In Fortigate, to segmenting the firewall into several domains, we call them a VDOM. Basically a firewall inside a firewall (you guys probably know that already..). What is it called in the checkpoint world?

  2. In the “Forti” world, we have fortimanagers that can manage several firewall from only one management plane which make it very easy to administer the firewalls (especially if you have like 10 fortigates). Do you call it “mds” in the checkpoint world? Does it work the same way as a fortimanager?

  3. I read something about VPN communities. The checkpoint firewall do have a vpn community. Is that equivalent to something like SD-WAN? How does it really work?

I obviously already googled all of this but have a hard time to understand the documentation.

Appreciate all your help.

funkylicious
SuperUser
funkylicious
SuperUser
March 15, 2023

1. VS-es ( virtual server ) in VSX deployment

2. SMS ( Security Mgmt Server ) if you want to manage them all from a single 'ADOM'-like wise in FMG, or MDS ( Multi-Domain Server / Provider-1 ) if you want to create 'ADOM's like in FMG for different reasons

3. SD-WAN is not necessarily related to VPN Communities. In Forti world you have hub-n-spoke, site-to-site, or remote-access in relates to VPN, whereas in CP world you have mesh / star 

 

"jack of all trades, master of none"
    Terms & ConditionsAccessibility statement