This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
SWBW_Florian
Contributor
‎2024-01-16 05:49 AM
Jump to solution

onprem Anti-Malware signature updates not working

Hi there,

were having issues with our Harmony Endpoint Security onPrem installation. Especially with the Anti-Malware Signature Download on our Clients.

We have an onPremise Installation at version 81.20 and Clients at 87.62

We dont experience any issues with policy-distribution or communication between the clients and the management engine.

The Management engine (seen through SmartEndpoint) is also reporting an updated malware signature database at "Tools -> Anti-Malware Updates" with version 202401160600

If i chose to "update now" at a clients all policy downloads and installations are fine. Everything but the Anti-Malware update through our own server.

If configured to download the signature updates through the external server (zonealarm) the update is running, even seen through the ngfw, fine over the internet. But if i disable the external source the client wont update

"Anti-Malware couldnt get updated. No connection to server"

no blocks seen in the logfiles. I have no Idea where to look for the source of this

 

The installed client packages are created through the SmartEndpoint Software

 

Thanks in Advance

Florian

regards
0 Kudos
1 Solution

Accepted Solutions
SWBW_Florian
Contributor
‎2024-03-20 06:18 AM
In response to JamicoG
Jump to solution

hi there,

yes, we found the source of all that evil. Its about checkpoints E1 and E2 kind of versions of harmony endpoint client. Its a bit complicated. (DHS, evil russia and so on ... )

at first rollout you can only roll E1 versions out. After the first rollout you can deploy E2 version through the EPS management

E1 is evil, E2 is DHS conform and therefor onprem compatible

have a look here: https://support.checkpoint.com/results/sk/sk178307

regards

View solution in original post

(1)
6 Replies
PhoneBoy
Admin
Admin
‎2024-01-18 04:22 PM
Jump to solution

Have you opened a TAC case? https://help.checkpoint.com 
Might be necessary here to understand why this is happening.

0 Kudos
SWBW_Florian
Contributor
‎2024-01-18 09:58 PM
In response to PhoneBoy
Jump to solution

Hi PhoneBoy and thanks for your reply

will try there

regards
0 Kudos
the_rock
Legend
Legend
‎2024-01-18 04:27 PM
Jump to solution

Have you tried with maybe a different version of the client to see if it makes any difference?

Best,

Andy

0 Kudos
SWBW_Florian
Contributor
‎2024-01-18 09:59 PM
In response to the_rock
Jump to solution

because of another issue (high cpu usage on special server OS) we already have different client versions out in the field. Same issue there

 

regards

regards
0 Kudos
JamicoG
Explorer
‎2024-03-20 12:54 AM
In response to SWBW_Florian
Jump to solution

Hi Florian,

Were you able to get an answer for this issue? I get a lot of cases opened for the same issue recently.

0 Kudos
SWBW_Florian
Contributor
‎2024-03-20 06:18 AM
In response to JamicoG
Jump to solution

hi there,

yes, we found the source of all that evil. Its about checkpoints E1 and E2 kind of versions of harmony endpoint client. Its a bit complicated. (DHS, evil russia and so on ... )

at first rollout you can only roll E1 versions out. After the first rollout you can deploy E2 version through the EPS management

E1 is evil, E2 is DHS conform and therefor onprem compatible

have a look here: https://support.checkpoint.com/results/sk/sk178307

regards
(1)

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events