While this was featured last week, it's worth mentioning again as this thread has quickly become one of the most active posts we've had on CheckMates! New commands being added all the time. Have you contributed yours yet?
Check Point Gateway Updates and SHA-256
This issue came up in two different threads:
- Application database update failed
- UTM-1 Edge NW Failed to load VStream Antivirus signature database (Stage: 4, Error code: 5)
Check Point switched to using SHA-256 certificates on the systems which gateways fetch various updates from (e.g. for App Control and Anti-Virus signatures). This impacts all Check Point products. To ensure your gateway can receive updates, check your code version jumbo hotfix level against the following SK: Check Point update and online services migration to SHA-256 based certificates
Postman is a free Google Chrome extension that can be used for testing and experimenting with web-services, such as the Security Management API that was released with R80. A new Postman Collection was added to this thread that will allow you to use Postman with the R80.10 API.
Here's a brief video showing a cool feature in R80.10: the ability to take over a session another administrator has started but didn't commit! We plan to produce additional videos in the near future.
Our Threat Intelligence team has been producing a weekly report that discusses the latest threats for some time now. We are now making these reports available to CheckMates members!
If you're managing any R77.x gateway (including SMB appliances) with R80.10 and you want to use Application Control/URL Filtering, make sure you are creating and using a separate policy layer for this feature. This is because R77.x gateways do not support unified policy the way R80.10+ gateways do.
Did You Know...
The forums have RSS feeds?
You can either subscribe to individual spaces or the whole site!
If you go to the relevant space and navigate to the Content section:
You will find an RSS link at the bottom left:
This link can be imported into your RSS reader of choice.
You'll also notice in the above screenshot that you can get a list of content for the entire site using the link https://community.checkpoint.com/content
Two tips for the price of one