This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
sdellsperger
Contributor
‎2019-02-15 01:24 AM

Why does the firmware setting "check point latest" doesn't work?

Hi together,

We have several SMP Plans, where we have decided to install always the latest firmware:

Unfortunately all firewalls remain at firmware R77.20.81_990172541 and I don't understand why.

I would like to update (automatically) to R77.20.85.

Has somebody the same problem? 

Thanks.

Kind Regards

Severin Dellsperger

9 Replies
Pedro_Espindola
Advisor
‎2019-02-15 06:02 AM

I think this setting depends on the result of the automatic firmware upgrade check on the gateway, so I believe the issue is not in the SMP but in the gateway.

My gateways with build 541 all say they are up to date:

Check Point update services might be configured to report R77.20.81 as the latest version to the gateway. There are reports of instability in version R77.20.85 with central management in R77.20.85 performance issue on centrally managed SMB, I don't know if that is related.

You can always configure R77.20.85 in "Specific Firmware Version" and it will upgrade automatically at the defined time.

sdellsperger
Contributor
‎2019-02-15 06:12 AM
In response to Pedro_Espindola

Thanks.

Yes, we have the same behaviour, every box reports it's on the latest stand(with R77.20.81).

I don't know why we can download the official released firmware R77.20.85  (R77.20.85 for Small and Medium Business Appliances) and the same version isn't listed as the checkpoints latest.

Maybe I have to use the "Specific Firmware Version" tab...

0 Kudos
PhoneBoy
Admin
Admin
‎2019-02-15 04:24 PM

We don't upgrade everyone to the latest release immediately when a new version comes out.

We roll it out gradually over time to the entire install base.

sdellsperger
Contributor
‎2019-02-18 04:30 AM
In response to PhoneBoy

Thanks for the info Smiley Happy

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2019-02-18 12:45 AM

I do not think that firmware updates should be an automatic action - i remember SMB sites with inoperable internet access after nightly firmware updates, and such a situation must not occur at all ! I know that it would be the easiest way to check automatic upgrade, but even CP now rolls it out over a longer time, and not without reason .

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
sdellsperger
Contributor
‎2019-02-18 04:31 AM
In response to G_W_Albrecht

Yes of course. Probably I have to change the settings...

0 Kudos
LuisSP
Collaborator
‎2019-02-22 09:51 AM

I have appliance 1490 on locally management. After suffering an automatic update of the firmware that caused me problems, I decided to change to manual update.

The appliance had R77.20.80 build 990172392 and was updated to R77.20.81 Build 990172541. When they released R77.20.85 the appliance never detected it, I had to download it and do the manual update. Even though R77.20.85 corrected me some things that were giving me a headache, it brought me a new problem, after a few hours and with the normal network traffic of the client, the firewall no longer allowed traffic to the Internet and no I could manage it, it did not respond to the ping either. I have a ticket raised for this problem, recently released a new build but the problem persists. The point to the original question is that the technical support of checkpoint told me that it is possible that the area responsible for firmware updates has "deactivated" the detection of this firmware for the problems it has presented.

PhoneBoy
Admin
Admin
‎2019-02-22 10:47 AM
In response to LuisSP

There's a couple bugs we are tracking here: 

R77.20.85 performance issue on centrally managed SMB

Recommend engaging with the TAC.

How To Open a Case with TAC and/or Account Services

LuisSP
Collaborator
‎2019-02-22 03:19 PM
In response to PhoneBoy

Thanks... I've a Service Request open on TAC.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events