- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
|
6 SG's and 3 SMS's has at this very time same error - anyone else has it just now or something has happened on the CP Clould side?
would appreciate heads up.
|
||||||||||
|
cheers
To sum up
1. Indeed there was a CRL (Certificate revocation list) challenge (Certificate is naturally 3rd party certificate and therefore CRL check is also dependent on the same 3rd party) that caused failure on updates downloads
2. Indeed the response took more than desired
3. During the incident, we did identify the issue fast but it was not as easy to resolve and one would have hoped
4. We take this incident seriously and I am confident that we will avoid this single point of failure in the future.
Thank you for the feedback and collaboration
Dorit
BTW Its also opportunity for other IT leaders in the forum to leverage the same lesson and check if there is critical service that is dependent on CRL check.
Thank you Dorit, we appreciate the transparency.
Thank you for the advice. Unfortunately, I can't do it right now. Is it possible that the proxy buffered some information or something like that? Is it worth trying to connect an appliance from a test zone to check if it receives an update or not? I mean a new one that doesn't contain any traces on the proxy before the accident.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY