cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Di_Junior
Silver

Health Check Script Analysis

Dear Mates

I have been looking into the healthcheck script, and I have a question about the system uptime section. Why does it generate a Warning if the system has not been rebooted over a year? what is this criteria based on? is it related to the appliance maintenance ? I got this warning after running the script, and I would like to understand why is it a "problem".

Another question is related to the Smart Preventive Maintenance, does Check Point have a recommended time frame where the systems have to go through a Smart Preventive Maintenance? like cleaning the funs, power supply, etc.

0 Kudos
4 Replies

Re: Health Check Script Analysis

This criteria is based on experience. It has happened that a device rebooted after a longer uptime did not come up again Smiley Sad as the file system was corrupted. Regular reboot ( every 2 - 4 weeks) is mostly able to repair minor file system errors with the automatic fsck called upon boot.

0 Kudos
Di_Junior
Silver

Re: Health Check Script Analysis

Thank you very much.

0 Kudos

Re: Health Check Script Analysis

From audit point of view,  "best practise" is to perform regular reboot of every firewall...

The same applied to perform regular restore from backup on every Check Point appliance type.

... but we all know how impossible is to do that...

PS: Not sure if Check Point Health Check script is checking status of backups. Maybe idea for next update Smiley Happy

Kind regards,
Jozko Mrkvicka
0 Kudos
Employee+
Employee+

Re: Health Check Script Analysis

if the GW is up for 1 year, this mean that your not patch the device to recommended patch level(=Jumbo).

We can hit an issue that already discovered and resolved, or missed imported enhancements Smiley Happy

0 Kudos