I have had people ask me about my other backup post about the types of backups you can do. Everyone wants to know “when” should they do a specific type of backup. Well I took this right from sk105385
Backup files are taken on a regular basis, and it is recommended to always perform a backup before performing an upgrade. A backup creates a compressed file that contains the Check Point configuration including the networking and operating system parameters, such as routing and interface configuration etc., but unlike a snapshot, it does not include the drivers.
A backup, unlike a snapshot, can be restored on the same or a different appliance running the same Check Point version and hotfixes, but the backup file contains the MAC addresses of the original appliance, on which it was taken, and these MAC addresses will be restored as well.
Before restoring a backup to replacement hardware, the original MAC addresses on the replacement hardware should be recorded. After restoring the backup on the new machine, the MAC addresses should be changed back to the original (recorded) MAC addresses. In Gaia this can be done via the WebUI, For SecurePlatform please contact Check Point Support for assistance with this.
To migrate the configuration between a replacement SecurePlatform appliance or a replacement Gaia appliance, instead of restoring a backup on a replacement appliance, it is recommended to use the migrate export and migrate import tools or the upgrade_export and upgrade_import tools found in $FWDIR/bin/upgrade_tools/.
Snapshots are typically performed when the appliance was first installed and in a maintenance window before performing a major upgrade. A snapshot creates a file that contains a binary image of the entire root (lv_current) disk partition. This includes all of the operating system and various Check Point software files, such as specific drivers.
The log partition is not included in the snapshot, so any locally stored Firewall logs will not be saved.
Snapshots are appliance-specific and can only be restored on the same hardware.
migrate export / upgrade_export
The migrate export (Pre-R75) or upgrade_export (R75 and later) utility backs up all Check Point configurations independent of hardware, OS, or version, but does not include OS information. This utility may be used to backup management server configurations and is intended for upgrades or migration of database information to new systems with hardware changes, BUT will not work when downgrading to an earlier version.
It is recommended to perform an export at least every month or more often, depending on how frequently changes are made in the policy or network. It is also highly recommended before upgrading or migrating to a new version. Does not cause interruption of the services so it can be performed anytime outside a maintenance window.