12-19-2018 12:44 AM - edited 03-12-2019 04:17 AM
I am actually in planning phase of a firewall migration project. I have a customer who wants to migrate from Checkpoint firewall to Cisco firepower.
Can anyone recommend a good conversion tool that I can use to convert rules from the current Checkpoint firewall to Cisco?
Any guidance and supporting documentation is appreciated.
12-19-2018 02:59 AM
I am not aware of any direct conversion tool from Checkpoint to Firepower.
You can use the self-service tool to convert Checkpoint to ASA : https://fwmig.cisco.com
The page is self-explanatory but will need a lot of validation after the conversion.
Then, you can use another self-service tool for ASA to Firepower conversion.
Its present on Cisco Software site : https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/11/migration-guide/ASA2FTD-with-FP-Migration-Tool-11/b_Migration_Guide_ASA2FTD_chapter_01011.html#id_70722
It supports migration to 6.3 and + only.
12-20-2018 01:32 AM
I'm not positive but the fwmig self-service tool may be limited to staff and partners.
It does work though it has been a while since I tried a Checkpoint migration.
12-19-2018 03:00 AM - edited 12-19-2018 03:09 AM
Posted it two times.
03-23-2020 06:54 AM
Hello Gb,
Cisco Firepower Migration Tool 2.0 support migration from Check Point versions R75-R77.30. This tool is available on software.cisco.com , you can get more details from https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/migration-guide-CP/CP2FTD-with-FP-Migration-Tool.html.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: