Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jerom_van_den_H
Explorer

CPVIEW Software-Blades R80.10

In CPVIEW Software-blades overview 

I do see an update time for Anti-Virus and Anti-Bot.

But when I install the latest IPS update I don't see any Update Time.

Any ideas what this would cause.

See attached a screenshot.

When I Look in the Smartdashboard I do see an Update Time.

We also have a monitor that does a check to see a last updates time and this does work

See the script below.

CLI

 

grep -A2 "sd_last_update_time" /var/opt/CPsuite-R80/fw1/state/local/AMW/local.IPS.set

   : (sd_last_update_time

    :type (int)

    :val (1519719370)

 

EPOC time: 1519719370

 

date -d @1519719370

Tue Feb 27 09:16:10 CET 2018

13 Replies
XBensemhoun
Employee
Employee

I, could you share with us the Security Management Server version (R80 or R80.10) and Jumbo HF installed ?

I've check on R80 and R80.10 known limitations but your issue is not part of those sk.

I see that scheduled update is not planned : could you try to enable this ?

Information Security enthusiast, CISSP, CCSP
0 Kudos
Gaurav_Pandya
Advisor

I suspect this is bug and may be overcome with latest hotfix or upcoming hotfix. However you can check by scheduling IPS update as suggested by Xavier.

G_W_Albrecht
Legend
Legend

I can see this issue replicated on my Lab GW R80.10 JT 70 - but there, only IPS is N/A, the other three show Update Time values, even APCL... So it seems that currently this is available in Dashboard only - # ips stat only shows the version, not the update date & time.

CCSE CCTE CCSM SMB Specialist
0 Kudos
G_W_Albrecht
Legend
Legend

I had planned a fresh GW installation, so in performed that this morning and monitored the cpview IPS update display during install:

- installed Check_Point_R80.10_T462_Gaia.iso

- after FTW + load configuration, no policy installed: only AV showed Update Time (all 4 blades showed disabled)

- after establishing SIC and installing Acces Control policy: APCL and AV showed Update Time (3 blades showed disabled, APCL enabled)

- after installing Access & Threat policy: only IPS showed no Update Time (all 4 blades showed enabled)

- after installing Jumbo Take 85: No change...

CCSE CCTE CCSM SMB Specialist
XBensemhoun
Employee
Employee

and what about scheduling IPS updates ? does it change anything ?

Information Security enthusiast, CISSP, CCSP
0 Kudos
G_W_Albrecht
Legend
Legend

Sorry, fact is that all TP updates are scheduled in Dashboard, e.g. APCL at 00:00 and IPS at 00:20, but without policy install. So the GW will only learn about the last IPS update during policy install...

I have set schedule for IPS update in 5 mins with policy install and then will update here!

CCSE CCTE CCSM SMB Specialist
0 Kudos
G_W_Albrecht
Legend
Legend

Did not find new IPS version, so the scheduled update did neither download anything nor perform a policy install. After a manual policy install (both Access +TP) nothing has chamged and the IPS date still is missing.

CCSE CCTE CCSM SMB Specialist
Danny
Champion Champion
Champion

I added your grep routine to our ccc script. Thanks for the hint!

Vladimir
Champion
Champion

Danny,

Any chance of implementing automated updates for CCC?

Danny
Champion Champion
Champion

Vladimir,

I was already thinking about this, too. Unluckily our ccc thread cannot be accessed without a CheckMates login. I would need to move it to some other location to enable this feature.

0 Kudos
Danny
Champion Champion
Champion

Vladimir,

I implemented automated updates in version 1.6 of our ccc script.

Vladimir
Champion
Champion

Thank you Danny!

You are awesome Smiley Happy

PhoneBoy
Admin
Admin

This might be worth raising a TAC case about: Contact Support | Check Point Software 

On my own gateway, IPS shows N/A and App Control shows a date.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events