I am not sure if you follow Check Point support lifetime details, but there are two things you need to know:
1. R70 versions are out of support from March 2013
2. VSX R65 will be out of support in May 2013
Take care and plan your upgrades as soon as you can. There is a hint for those who cannot do this in time: Check Point can extend support for half a year by request. Call you local contacts, it is not yet too late.
Friday, April 5, 2013
Friday, March 29, 2013
Removing traces of old versions - new scripts from Check Point
The most annoying disadvantage of upgrade in place is about having old traces in the file system. Basically, each upgrade leaves old product directories, so with every step you have less and less disk space available.
Removing old files manually is not exactly safe, so many prefer advanced upgrade.
The good news is it is no longer the best option. Check Point has two scripts, for MDM and for regular installations, that should clean your system after the upgrade.
Refer to SK91060 for regular systems and to SK65330 for MDM systems. According to the SK, the latter script is already integrated into R75.50 and R76 MDM installation packages.
With these tools one can upgrade in place and still have optimal disk space available quite close to a clean installation.
Finally, Check Point!
Removing old files manually is not exactly safe, so many prefer advanced upgrade.
The good news is it is no longer the best option. Check Point has two scripts, for MDM and for regular installations, that should clean your system after the upgrade.
Refer to SK91060 for regular systems and to SK65330 for MDM systems. According to the SK, the latter script is already integrated into R75.50 and R76 MDM installation packages.
With these tools one can upgrade in place and still have optimal disk space available quite close to a clean installation.
Finally, Check Point!
Thursday, February 28, 2013
Could not push policy from R75.40VS to R67.10 VSX
A customer of mine could not install policy to a Virtual System on R76.10 VSX cluster after upgrading MDM servers to R75.40VS.
Policy verification was failing with multiple errors (some data removed):
INTERNAL ERROR in execval: optimization disabled: displacement too large
INTERNAL ERROR in execval: optimization disabled: displacement too large
ERROR: Table or domain are not allowed here
ERROR: table '<'quota_table'>' has no predefined format
ERROR: table '<'quota_table'>' has no predefined format
Compilation failed.
Operation ended with errors.
Policy verification was failing with multiple errors (some data removed):
INTERNAL ERROR in execval: optimization disabled: displacement too large
INTERNAL ERROR in execval: optimization disabled: displacement too large
ERROR: Table or domain are not allowed here
ERROR: table '<'quota_table'>' has no predefined format
ERROR: table '<'quota_table'>' has no predefined format
Compilation failed.
Operation ended with errors.
The messages look quite scary, but no worries. The key here is quota_table.
In fact it is an old error from 2007, related to Network Quota being enabled in IPS profile. Disabling Network Quota fixes the issue. Check Point has SK32549 for that.
Although it is something known for long, I am wondering why it has been surfaced only after MGMT part being upgraded.
Please let me know if you encountered this issue as well.
Monday, February 25, 2013
Check Point Security Report 2013 reveals scary picture
If you did not look into 2013 Security report done by Check Point, it is probably a good time to do so.
The document reveals quite disturbing figures: above 60% of networks are infected with bots. About the same amount of "protected" networks is open for P2P. More than half of organisations have DLP accidents. And so far, and so on.
Thursday, February 14, 2013
Appliance sizing tool is available to partners
Remember we have talked about Check Point Appliance Sizing tool some time ago?
Finally, Check Point partners have it available through User Center under Quoting.
Finally, Check Point partners have it available through User Center under Quoting.
Wednesday, February 6, 2013
GAiA SNMP howto SK article
There is a fresh and very nice SecureKnowledge article about SNMP configuration on GAiA, with plenty of screenshots.
Thanks to Ben Peeri for writing it and letting us know.
Thanks to Ben Peeri for writing it and letting us know.
Tuesday, February 5, 2013
User Center application for iPhone
If you are dealing with Check Point UserCenter on a daily basis, you might appreciate new Check Point iPhone app.
It allows you to search SecureKnowledge, access your support requests, see the latest security alerts and browse App Wiki.
It allows you to search SecureKnowledge, access your support requests, see the latest security alerts and browse App Wiki.
Subscribe to:
Comments (Atom)