Imperva Cyber Community

communities_1.jpg
 View Only

Automating the MX Export/Import

  • 1.  Automating the MX Export/Import

    Posted 12-07-2021 04:44

    Hi I'm looking into the possibility of automating as much of the MX export/import process as possible.
    We will be using version 14.4.0.16 running on demand instances in AWS.
    From this version it appears that Imperva have taken a different approach to patching.
    Instead of patching the MX online from the public ftp site, the new method follows the blue/green approach.
    A new MX is created, the export from the current MX is imported, and the two are swapped over.

    The rough steps go as follows.

    Export

    1. Log onto MX from jumpbox using pem and passphrase.
    2. Unlock MX with a command and the licence key.
    3. Log off and on again.
    4. Switch to root user.
    5. Get AWS access keys.
    6. Run export command using AWS access keys. This copies export to s3.

     

    Import

    1. Log onto MX from jumpbox using pem and passphrase.
    2. Unlock MX with a command and the licence key.
    3. Log off and on again.
    4. Switch to root user.
    5. Get AWS access keys.
    6. Run import command using AWS access keys.
    7. Page through the license agreement and type ACCEPT at the end.
    8. Reboot when import is finished.

    Has anyone attempted to automate this? Any tips?
    Can you perform the import silently? i.e. without having to page through and accept the licence agreement?
    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Rick Bowden
    Infrastructure/DevOps Engineer
    Aviva
    Eastleigh
    ------------------------------