-n

Fetch the Security Policy from the Security Management Server to the local $FWDIR/state/ directory, and install the Policy only if the fetched Policy is different from the Policy already installed.

-f

Fetch the Security Policy from the Security Management Server listed in the $FWDIR/conf/masters file.

-c

In cluster, fetch the policy from one of the peer cluster members, according to the Check Point High Availability kernel list on the local cluster member.

-i

Ignore SIC information (for example, SIC name) in the database and use the information in the $FWDIR/conf/masters file. This option is used when a Security Policy is fetched for the first time by a DAIP gateway from a Security Management Server with a changed SIC name.

master1

Execute command on the designated master.

The IP address of the Security Management Server, from which to fetch the Policy. You can specify one or more Security Management Servers, which will be searched in the order listed.

If no targets are specified, or if targets is inaccessible, the Policy is fetched from the localhost.