Move Firewall Analyzer Server installation to another server

    This procedure is applicable for Firewall Analyzer version 12.5 (Build 12500) onwards

    How to find build number?

    In the Firewall Analyzer web client, click the profile icon in the top right corner. You will get the About page with build number details.
    If you are not able to open the user interface, go to the folder \html\ and open the file About.properties in a notepad, you can find the build number in the file. 

    This procedure is applicable for Firewall Analyzer version 12.5 (Build 12500) onwards 

    How to move Firewall Analyzer installation to a new server? 

    Note:

    Ensure that the License file in the old server is copied to the new server after moving the Firewall Analyzer to the new server. 

    Before moving the Firewall Analyzer installation to a new machine, ensure that the build of the old installation is latest. If not, upgrade in the old installation to the latest build and proceed further. To find out the build number:

    • In the Firewall Analyzer web client, click the profile icon in the top right corner. You will get the About page with build number details.  
    • If you are not able to open the user interface, go to the folder \html\ and open the file About.properties in a notepad, you can find the build number in the file.

    Follow the steps given below to move Firewall Analyzer installation to a different server:

    1. Stop the ManageEngine OpManager service.
    2. Navigate to \MangeEngine\OpManager\bin folder and execute the below commands using the 'cmd' with admin privillege. i) shutdown.bat (shutdown.sh for linux) ii) stopPgSQL.bat (stopPgSQL.sh for linux)
      Note: Make sure Postgres, java & FirewallAnalyzerTrayIcon.exe / OpManagerTrayIcon.exe processes not running in task manager post stopping the OpManager service. if any of these processes is running, kill only the Firewall Analyzer related process.
    3. Open 'cmd' with Admin privilege and navigate to \MangeEngine\Opmanager\bin\ and execute 'OpManagerService.bat -r' to remove service in old server and now open service.msc and check whether previous ManageEngine OpManager service has been removed.
    4. Copy the entire ManageEngine folder from the current server and paste it in the new server.
    5. Open 'cmd' with Admin privilege in the new server and navigate to respective drive where you have placed the installation folder: \MangeEngine\Opmanager\bin and execute below commands one after other
      1. OpManagerService.bat -i
      2. iinitPgsql.bat
    6. Start newly created ManageEngine Opmanager service from the new server and let us know how it goes. 
    Note:

    Please assign the same (old server) IP address to the new server (if possible) since firewalls been forwarding syslogs to old server IP address. Otherwise, you need to configure the firewall devices to forward syslogs to the new server IP address.

    We suggest not to delete the installation folder in old server unless Firewall Analyzer everything works fine in the new server.

     

    Warning:

    Take extra care and ensure that the Firewall Analyzer is not running on both the machines while performing this operation

    How to move PosrgreSQL data from 32 bit machine to 64 bit machine? 

    • Stop Firewall Analyzer Server
    • Kill PostgreSQL and java processes
    • Execute startDB.bat/sh script and traverse to pgsql/bin folder in command prompt
    • Take database dump using below command:
    pg_dump.exe -U postgres -p 33336 firewall > dump.sql
    • The dump.sql file will be under <database home>/bin folder
    • Install Firewall Analyzer 64 bit edition on 64 bit machine
    • Do not start the new installation or reinitialize db if already started
    • Copy 32 bit machine dump.sql file to 64 bit machine <FIrewall Analyzer home>/pgsql/bin folder
    • To restore data on 64 bit machine, execute below command:
    bin>psql.exe -U postgres -p 33336 firewall < dump.sql
    • Copy archive from 32 bit machine to 64 bit machine
    • Start Firewall Analyzer.

     When you cahnge database, only data stored in that can be retrieved. There are many reports/data that comes from files too. You need to transfer below files from old server location.

    1. OpManager<home>/server/configData - Consists of device rule related reports like standards, compliance reports.
    2. OpManager<home>/server/reports - Consists of all scheduled reports, rule impact analysis and suggestion reports.
       

    Procedure to move Firewall Analyzer Server installation to another server for MSSQL database 

    1. Stop Firewall Analyzer server/service.
    2. Download and install the latest build of Firewall Analyzer from the following link:

    https://www.manageengine.com/products/firewall/download.html

    1. Once you install the application in the new machine, ensure that you do not start the application or shutdown the Firewall Analyzer, if started.
    2. Navigate to \MangeEngine\OpManager\bin folder, execute the DBConfiguration.bat, configure the MSSQL server credentials of the earlier Firewall Analyzer server installation, save it.
    3. Start the Firewall Analyzer server/service on the new machine and check whether the data and the configurations are intact.

    Alternative way to use another MSSQL database is, providing necessary database information at installation phase itself.

    Example of configuring in the installation panel is shown below.

     

     

    Configuring at the installation panel is the easiest way.

    You don't need to do any operation in old server. Keeping in it shutdown mode is fine.