This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
handiansudianto
Advisor
‎2023-04-01 01:47 AM

Threat Policy Install failed

Hello,

I upgrade my checkpoint from 80.40 to 81.10 and after upgraded i got error below if i use latest IPS version, but if i use old IPS the threat policy is successfull.

 

Policy: Standard
Status: Failed
    - amw_load_copy_file_to_local: cpFileCopy() failed to copy file sd_updates
    - amw_load_copy_file_to_local: amw_load_copy_file_to_local() sd_updates failed from /opt/CPsuite-R81.10/fw1/tmp/install_policy/d381d0a2-9336-4e10-a181-32cbe182b6b0/FW1/conf/install_manager_tmp/ANTIMALWARE_CURRENTVERCMP/conf  to /opt/CPsuite-R81.10/fw1/state/local/AMW.tmp  dst file anme
    - amw_load_add_state_files: amw_load_copy_file_to_local() failed, file=sd_updates
    - amw_load: amw_load_add_state_files() failed
    - Operation was unsuccessful.

0 Kudos
9 Replies
the_rock
Legend
Legend
‎2023-04-01 05:22 AM

 Just as a simple test, can you try uncheck IPS blade, push policy, recheck and then try again?

Andy

0 Kudos
handiansudianto
Advisor
‎2023-04-01 05:27 AM
In response to the_rock

without IPS enable, the threat policy install is successfully.

Now my IPS using version 635158746 , and if using version 635232122 threat policy is failed to install.

0 Kudos
the_rock
Legend
Legend
‎2023-04-01 05:46 AM
In response to handiansudianto

Just tested in R81.10 and R81.20 with latest IPS package and worked fine, so has to be your environment. Can you run below command?

fw stat -b AMW

Are you using autonomous threat prevention possibly?

Andy

0 Kudos
the_rock
Legend
Legend
‎2023-04-01 05:50 AM
In response to handiansudianto

Below is what Im referring to.

Andy

 

Screenshot_1.png

 

Screenshot_2.png

 

0 Kudos
HeikoAnkenbrand
Champion Champion
Champion
‎2023-04-01 10:29 AM
In response to the_rock

Hi @handiansudianto 

See sk167633 "Errors while loading Threat Prevention policy, Operation was unsuccessful" in the log.

Solution
Perform an IPS update on the Domain.

1. Log in to the Domain on the active CMA.

2. Select "Security Policies" tab and then Policy under Threat Prevention.

HeikoAnkenbrand_0-1680370209679.png
 
3. Click on "Updates" at the bottom and proceed with the IPS update. It can be done through client's internet connectivity or the Multi-Domain Managemet..

HeikoAnkenbrand_1-1680370209678.png4. After the update is finished, push policy to the relevant Gateways and it should work now.
➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
the_rock
Legend
Legend
‎2023-04-01 01:49 PM
In response to HeikoAnkenbrand

I believe that was a;ready tried, but let @handiansudianto confirm.

0 Kudos
handiansudianto
Advisor
‎2023-04-02 06:40 PM
In response to HeikoAnkenbrand

Hello, already try but still failed. Currently i open ticket to checkpoint support.

0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2023-04-01 10:18 AM

Can you try to update IPS again to see if it solved the issue (it might be a mismatch in IPS versions).

0 Kudos
_Val_
Admin
Admin
‎2023-04-03 01:46 AM

Please open a TAC case, if the problem is still there: https://help.checkpoint.com

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events