Friday, February 9, 2018

R80.10 Database




Database Revisions In pre-R80.10 versions, revisions were saved on the server as a backup, to restore in case of disaster. Each revision replicates the management database completely.

The new R80.10 architecture has built-in revisions. Every time you publish, an additional revision is created and automatically stored. Each revision establishes a new baseline in the database and contains only the changes from the previous revision. Thus, it consumes less disk space and is created faster than before. This solution improves performance and many of the new management capabilities are based on it.

Faster policy verification using the difference between installed revisions.
More efficient Management High Availability based on the changes made since the previous synchronization.

 The following diagram illustrates the database revisions over time:



psql_client cpm postgres
...


SELECT table_name
 FROM information_schema.tables
 WHERE table_type='BASE TABLE' and table_name like '%___%'
ORDER BY table_name;



psql_client cpm postgres -f /some_path/remove_dynlog_sccp_state_machine.txt

PSQL  - R77.30  Front End Database

SOLR  - R80.10  Backend Database   (Can read SQL Tables )


Install Policy In R80.10, 

Policy Verification underwent a major improvement. From our investigations, we found that in large rulebases, a significant part of the install policy time is taken by the verification phase. Using the R80.10 built-in revision technology, we were able to significantly improve the install policy time for large rulebases. The new solution verifies only the rules changed since the last policy installation. 

For example: On tests we performed on a certain large rulebase, on-going policy installations of R80.10 were six times faster than a similar policy installation, with similar changes, in R77.30. Note: First policy install after upgrading to R80.10 might still take more time, because it creates the first baseline. Consequent installations will benefit from the mentioned improvement. Starting with R80.10, on R80.10 gateways, the Access Control policy can be installed separately from the Threat Prevention policy. 

Benefits include: 
Improved performance when installing Access/Threat only. 
Role segregation support for organizations in which Threat is managed separately from Access. One administrator will not affect the other team’s policy.