Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Terri_Hawkins
Contributor

Antivirus Database Version

Does anyone know if there is someplace I can see what AV and AB database versions have been released and when? One of our gateways stopped working and I think the first symptom was the AV DB stopped getting updated. I know what version is on the gateway but cannot find a listing anywhere telling me what versions were released and when. I can find it for IPS, but that is still getting updated. 

cpstat antimalware -f update_status shows me the version number installed, but not the package date and the GUI for the gateway just shows 0.

Any thoughts are appreciated,

thanks

terri

0 Kudos
9 Replies
G_W_Albrecht
Legend
Legend

This is not easy at all, as AV has several parts and engines, see sk92264 - ATRG: Anti-Bot and Anti-Virus for details!

sk165562 has:

  1. End the load_sigs process by running # kill -9 <PID> on the Security Gateway

  2. Force an update:

    Anti-Virus: # sed -i "1s/.*/100/" $FWDIR/amw_kss/update/next_update

    Anti-Bot: # sed -i "1s/.*/100/" $FWDIR/amw/update/next_update

  3. Install Policy.

Terri_Hawkins
Contributor

Thanks, I"ll review that.

the_rock
Authority
Authority

Thats odd, because based on below, you would definitely see all that info...can you copy what you actually see?

 

https://community.checkpoint.com/t5/Threat-Prevention/Anti-Virus-Update-Status-Gaia/td-p/108178

0 Kudos
Terri_Hawkins
Contributor

I attached them. I am guessing it does not give me the version date because it is not updating.

0 Kudos
the_rock
Authority
Authority

What @G_W_Albrecht suggested looks very promising, but you can also try below as well, based on the exact error you are seeing. I do agree with you that most likely you dont see the details due to the fact updates are failing.

 

Contract entitlement check failed 

0 Kudos
Terri_Hawkins
Contributor

Thank you, I will run thru this article as soon as we get the gateway operational again.  Right now it is in "down" state and will not go back to "standby". I was hoping that figuring out when the updates stopped may help me figure out when the gateway quit working properly.  We just upgraded our FWMGR to R81 and I was getting ready to update the gateways when I found the one was not operating as expected. I am waiting on a call from a Checkpoint Engineer for assistance and was hoping to provide as much information to them as I could.  Thank you very much for you assistance! This is a great forum!

the_rock
Authority
Authority

Happy to try help you offline as well, not an issue. Be free to send me a private message.

0 Kudos
(1)
Terri_Hawkins
Contributor

Thank you so much!

0 Kudos
Terri_Hawkins
Contributor

So I was never able to figure out which AV and AB database I had, but I did find out the reason they were not updating  and our Gateways weren't working as expected was a bad NAT rule.  Thank you again for all your help.

0 Kudos