This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

R81.10 Jumbo Hotfix Accumulator - New GA Take #45

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
eranzo
Employee
Employee
1 2 3,420
‎2022-04-06 07:40 AM

eranzo_0-1649255891781.jpeg

Hi All,

 

R81.10 Jumbo HF Take #45 is now our GA take (replacing take 30) and is available for download to all via CPUSE (as recommended) and via sk175186.

 

Full list of resolved issues can be found in sk175186.

 

New: Starting from R80.40, Central Deployment allows you to perform a batch deployment of Hotfixes on your Security Gateways and clusters from SmartConsole!!

For more information, see sk168597.

 

Thanks,

Release Operations group

 

2 Comments
the_rock
Legend
Legend
‎2022-04-06 07:57 AM

Installed it in the lab, so far, so good!

0 Kudos
Kris_Pellens
Collaborator
‎2022-04-06 12:59 PM

Hi eranzo,

Thank you for the great news. Then our plan will be the following:

Upgrade part 1: 08-09-10 April 2022

Upgrade of the two management servers in our environment from R80.40 to R81.10:

  1. Security Management Server from version R80.40 Take 120 to R81.10 Take 45
  2. Endpoint Security Management Server from version R80.40 Take 120 to R81.10 Take 45.

Upgrade part 2: 15-16-17-18 April 2022

As per the recommendation of the Check Point TAC,  Multi-Version Cluster (MVC) Upgrade will be used for "shooting the troubles" on our VSX/VSLS clusters, which will be upgraded from R80.20/R80.40 to R81.10 Take 45.

Proactive tickets have been created, because we do expect issues due to software defects; none of our previous Check Point upgrades, from R80.20 onwards, succeeded on the first attempt due to multiple software defects. E.g. routed daemon crashes, segmentation faults, faulty nic drivers on 23000 appliances, ...

Kind regards,
Kris

Notes from the field

8 April 2022

Because the upgrade of the Endpoint Security Management Server "surprisingly" failed, the upgrade of the Security Management Server is still ongoing (e.g. sk35288).

9 April 2022

The following issue showed up on the Endpoint Security Management Server during the import of the database:

9 Apr 2:02:54] ....--> PgDB::RunPgCmdUsingLibPQ
[9 Apr 2:02:54] Going to run the following command: ALTER DATABASE uepm RENAME TO uepm_backup
[9 Apr 2:02:59] libpq error: failed running command: ALTER DATABASE uepm RENAME TO uepm_backup
[9 Apr 2:02:59] ERROR: database "uepm" is being accessed by other users
DETAIL: There are 3 other sessions using the database.

[9 Apr 2:02:59] ....<-- PgDB::RunPgCmdUsingLibPQ
[9 Apr 2:02:59] Failed renaming DB uepm to: uepm_backup
[9 Apr 2:02:59] ...<-- PgDB::RenameDB
[9 Apr 2:02:59] Failed renaming database before restore operation!
[9 Apr 2:02:59] ..<-- PgDB::RestoreFullDbDump
[9 Apr 2:02:59] [ImportUepmPostgresDB::exec] ERR: Failed to restore postgreSQL database
[9 Apr 2:02:59] .<-- ImportUepmPostgresDB::exec

Lately it is impossible to get the expected support, due to the number of tickets and the high workloads at the Check Point TAC (confirmed on glassdoor unfortunately). E.g. it took us more than 4 hours this morning to get the TAC team in a conference call; despite we've opened the ticket and provided the plan of action well in advance. After troubleshooting/investigation, the TAC team found a similar case in Check Point's internal knowledge base; however, the TAC team said that the solution/workaround was not fully documented and that we have to wait until R&D comes online on Sunday. Therefore R&D will be engaged on Sunday 10 April 2022 to find a solution/workaround.

Hopefully we can upgrade our VSX/VSLS clusters next week.

Check Point, may we kindly ask you to deliver a stable software release? Justification:

  1. R80.40 Take 120, R81.10 Take 38, R81.10 Take 44, R81.10 Take 45 were not properly tested.
  2. Every time our firewalls crash, the entire business cripples; no availability implies no security.
  3. As you highlighted in your marketing campaign: your customers and our end-users deserve the best security.
  4. Your customers deserve painless upgrades.

10 April 2022

Check Point TAC and R&D provided excellent support. A big thank you. Both the Security Management Server and the Endpoint Security Management Server are now running version R81.10 with JHF Take 45. We will monitor the stability of the management servers for the next 15 days.

Labels