This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
srihari_ml
Explorer
‎2024-09-15 11:27 PM

Kindly need information on upgrading 4800 from R77.30. to R80.10 using cpuse

We are currently utilizing the 4800 (4GB) as an independent gateway for a mobile access blade. Our objective is to upgrade the gateway from version r77.30 to 80.10 through CPUSE in order to address the findings from Bitsight. Please advise if a fresh installation is the sole option available, as upgrading the RAM and replacing the device are not feasible due to budget constraints.

0 Kudos
7 Replies
_Val_
Admin
Admin
‎2024-09-15 11:39 PM

Please be advised, R80.10 is very old and EOL ages ago.

All documentation and upgrade packages, including CPUSE upgrade package for R77.XX, are available in sk111841 

srihari_ml
Explorer
3 weeks ago
In response to _Val_

Dear @_Val_ ,

I am doing an upgrade test using Check_Point_R80.10_T479_Fresh_Install_and_Upgrade_from_R7X.tgz, but the import of this package does not finish even after waiting for more than 2 hours.(Errors that were displayed with other packages so far do not occur.)Even if I close the session and reopen the GUI, it appears that the import is not completed. Please find the screenshot and suggest.

Thanks and regards.

Preview file
81 KB
0 Kudos
PhoneBoy
Admin
Admin
3 weeks ago
In response to srihari_ml

You need to update to the latest Deployment Agent before doing any upgrades: https://support.checkpoint.com/results/sk/sk92449 
Even so, unless your Standalone 4800 has at least 8GB of RAM, you will not be able to run R8x releases.

0 Kudos
emmap
Employee
Employee
3 weeks ago
In response to PhoneBoy

From the screenshot the Deployment Agent has already been updated, but to the wrong one. It should not be the latest version (which it seems to be) but the older one in the article listed for versions R80.30 and older. 

0 Kudos
PhoneBoy
Admin
Admin
‎2024-09-16 08:06 AM

Is this a Standalone (i.e. no external management) 4800?
Unfortunately, according to the release notes, R80.10 will not run in a Standalone configuration with under 8GB of RAM: https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_ReleaseNotes/html_frameset.h... 

Also, am curious what specific findings you're referring to from Bitsight.
If it is related to CVE-2024-24919, we have patches for R77.30 here: https://support.checkpoint.com/results/sk/sk182336
If you weren't aware of this CVE previously, it is highly recommended to patch for this issue and follow the remediation steps in the SK.

0 Kudos
srihari_ml
Explorer
4 weeks ago
In response to PhoneBoy

These are bitsight findings for the device:

Website Does Not Implement HSTS Best Practices
Website does not implement X-Content-Type-Options Best Practices

 

We are only using it as standalone Mobile access blade and no VPN and Threat detection were configured on the device.

0 Kudos
PhoneBoy
Admin
Admin
3 weeks ago
In response to srihari_ml

Since you have Mobile Access Blade enabled, you are vulnerable to CVE-2024-24919 unless you apply the relevant patch or upgrade to a version where the issue is fixed.
Please refer to the following section of sk182336:

image.png

I believe you can fix the issues Bitsight identified without an upgrade: https://support.checkpoint.com/results/sk/sk138813 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events