This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Samuel_Shiflett
Employee Alumnus
Employee Alumnus
‎2019-01-25 01:33 PM

DNS Flag Day and Check Point

You may have heard about DNS flag day (2019 | DNS flag day ) and are now asking yourself how will this impact your environment.   A number of DNS providers "have agreed to coordinate removing accommodations for non-compliant DNS implementations from their software or services, on or around February 1st 2019. This change will affect only sites operating non-compliant software."  This primarily impacts authoritative DNS servers.  As a result of these changes, you may see your Check Point gateway running IPS drop certain traffic due to Non Compliant DNS. 

Gateways running R77.30 JHF 345 and above (including R80.10 and R80.20) are not impacted.  If you're running a lower version and cannot upgrade then you will need to set the IPS protection "Non Compliant DNS" to detect.   For further information, please see sk112578 or reach out to your local SE.  

2 Replies
Nick_Keith
Participant
‎2019-01-28 10:02 AM

I just checked one of my R77.30 gateways and 345 isnt listed when I checked for updates .

UPDATE: You must search the "Add Hotfxes from the Could" using: Check_Point_R77_30_JUMBO_HF_1_Bundle_T345_FULL.tgz

PhoneBoy
Admin
Admin
‎2019-01-28 05:00 PM
In response to Nick_Keith

That's because JHF 345 is an "ongoing" hotfix, which means it won't be listed in CPUSE unless you get the identifier from TAC. 

Only "recommended" jumbo hotfixes are listed in CPUSE. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events