This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MarcVB
Contributor
‎2022-12-05 05:51 AM
Jump to solution

Harmony endpoint - client upgrade

Hi,

I have a lot of small customers (< 10 Windows pc's) who are using Harmony Enpoint protection. Now I want to upgrade them all to the newest (recommended) version E86.60

Is there a best practice to do the upgrade ? 

There is a sk (sk164896) but this is only relevant for on-premise Endpoint Security Servers. All my customers are managed via the cloud (Infinity portal) 

Thanks.

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2022-12-05 06:06 AM
Jump to solution

Just try the Endpoint Security Client upgrade through deployment rules as explained in the Admin Guide !

Upgrades are seamless to our users. A new type of Push Operation are rolled out and added to all Harmony Endpoint users.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

0 Kudos
7 Replies
Swiftyyyy
Advisor
‎2022-12-05 05:59 AM
Jump to solution

The video in the SK is still somewhat relevant even to the Cloud managed version. 

What I'd like to mention though, depending on the size of your organization, it's strongly recommended to segment your upgrade into groups.

If you simply move up the version on your "Entire Organization" deployment rule you'll likely end up overwhelming your WAN links.
This is an issue with the on-premise solution, causing trouble at the LAN level in some cases but as you can imagine, the problem is even greater when piping all that traffic to a likely more limiting WAN pipe.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-12-05 06:02 AM
In response to Swiftyyyy
Jump to solution

If the number of clients is <10 for each customer segmentation is not needed at all 😉

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Swiftyyyy
Advisor
‎2022-12-05 06:03 AM
In response to G_W_Albrecht
Jump to solution

Of course.
Our general practice is to push in waves of ~70 Endpoints (in some cases more in some cases less..)

Regardless, would be a whole lot easier if Check Point were to implement a "randomize" option during these operations. Trellix (formerly McAfee) has that with ePolicy Orchestrator and deployment operations are very easy there.

Of course the more sensible choice would be to just use a 3rd party deployment tool 🙂

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-12-05 06:17 AM
In response to Swiftyyyy
Jump to solution

I do not understand your reference to large installatons here - why not create your own post with explanations of best upgrade practices in large scale deployments ? But not here as we do not need it  - the original question concerns only customers with <10 clients...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend
‎2022-12-05 04:17 PM
In response to Swiftyyyy
Jump to solution

O yea, ePolicy Orchestrator, pretty cool tool. I agree!

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-12-05 06:06 AM
Jump to solution

Just try the Endpoint Security Client upgrade through deployment rules as explained in the Admin Guide !

Upgrades are seamless to our users. A new type of Push Operation are rolled out and added to all Harmony Endpoint users.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
MarcVB
Contributor
‎2022-12-05 11:27 AM
In response to G_W_Albrecht
Jump to solution

Thanks. I tried, with success,  the upgrade through deployment rules in my environment.

I have to inform the customer that he will get a pop-up window - asking to do the upgrade now or within 47 hours.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events