Hi Dameon,

Thank you for your interest. What I am asking is that as you publish the IPS updates, mostly we get this updates a few days later. Until we get an update which is published a couple days ago, we may not be protected and open to vulnerabilities. Is it possible to get the update notification as soon as you publish the signatures? Do you prioritize your customers based on some kind of types such as geolocation etc. to be able to protect your update servers from excessive requests?

If you configure automatic updates and threat policy installation as described above, you'll always have the most recent signatures applied to your gateways, whether or not they are mentioned in the IPS-NEWS emails.

The signatures are distributed via CDN, so there may be a delay from when we publish to when they are available to you.

I followed up with some folks in the IPS team.

It turns out we actually do send out emails every time the signatures are updated to the IPS-NEWS mailing list.

We send these emails immediately after pushing, though emails may be delayed for various reasons outside our control.

If you see an IPS update and didn't get an email about it, please let us know so we can troubleshoot.

Actually, the main issue is not getting an email about IPS update. I get an email about IPS update but I do not see the available update within a short time on my management server which configured already as you stated above. If Checkpoint or the other security companies or the communities related cybersecurity aware and inform about a vulnerability, and let's say Checkpoint take necessary measures for that specific vulnerability and published the protection via IPS signature update, the delay can be annoying. Security is the main concern nowadays, and the delays take around 3-4 days is unacceptable for me. 

The same situation draws attention to another member of Checkmates community (Oracle Web logic Server WLC Vulnerability ). For this member, it lasted only one day which was 4 days for me.

Maybe a couple hours after e-mail notification, if the IPS update is not available for me, I should download offline updates if possible. Would you mind sharing with me where can I download the offline updates?

Offline updates require agreeing to a specific EULA, which your local account team can assist with.

As for the delay in receiving updates, I will check offline how we can troubleshoot this and contact you privately.

Actually, scratch that.

Please open a ticket with the TAC so we can troubleshoot why you're not getting the updates within, say, a couple hours of the email going out.

Contact Support | Check Point Software 

Thank you Dameon for your concern. Tomorrow we are going to open a ticket. I hope we can understand the reason and solve this issue with your great effort.