Print Download Documentation Send Feedback

Previous

Next

Updates - Threat Prevention

What can I do here?

Use this window to configure automatic updates to the malware database, Threat Emulation engine, Threat Emulation images, and IPS database.

Getting Here

Getting Here - Security Policies > Threat Prevention > Policy > Threat Tools > Updates

Updating the IPS and Malware Databases

The IPS protection database and the Malware database automatically download updates at regular intervals. This ensures that you have the latest IPS protections, and the most current data and newly added signatures and URL reputations in your Anti-Bot and Anti-Virus policy.

The Malware database only updates if you have a valid Anti-Bot, Threat Emulation and/or Anti-Virus contract.

By default, updates for Anti-Virus and Anti-Bot run on the Security Gateway every two hours. For IPS and Threat Emulation you must configure an update schedule. You can change the update schedule or choose to manually update the Security Gateway. The updates are stored in a few files on each Security Gateway.

Updating IPS Protections

Check Point constantly develops and improves its protections against the latest threats. You can immediately update IPS with real-time information on attacks and all the latest protections. You can manually update the IPS protections and also set a schedule when updates are automatically downloaded and installed. IPS protections include many protections that can help manage the threats against your network. Make sure that you understand the complexity of the IPS protections before you manually modify the settings.

Note - To enforce the IPS updates, you must install policy.

To update IPS Protections:

  1. In SmartConsole, click Security Policies > Threat Prevention.
  2. In the Threat Tools section, click Updates.
  3. In the IPS section > Update Now, from the drop-down menu, select:
    • Download using SmartConsole (if your Security Management Server has no internet access), or
    • Download using Security Management Server.
  4. Install Policy.

Scheduling Updates

You can change the default automatic schedule for when updates are automatically downloaded and installed. If you have Security Gateways in different time zones, they are not synchronized when one updates and the other did not yet update.

To configure Threat Prevention scheduled updates:

  1. In SmartConsole, go to the Security Policies page and select Threat Prevention.
  2. In the Threat Tools section of the Threat Prevention Policy, click Updates.
  3. In the section for the applicable Software Blade, click Schedule Update.

    The Scheduled Update window opens.

  4. Make sure Enable <feature> scheduled update is selected.
  5. Click Configure.
  6. In the window that opens, set the Update at time and the frequency:
    • Daily - Every day
    • Days in week - Select days of the week
    • Days in month - Select dates of the month
  7. Optional, for IPS only:
    • Select Perform retries on update failure - lets you configure how many tries the Scheduled Update makes if it does not complete successfully the first time.
    • Select On successful update perform Install Policy - automatically installs the policy on the devices you select after the IPS update is completed. Click Configure to select these devices.
  8. Click OK.
  9. Click Close.
  10. Install Policy.
12-Sep-21
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2021 Check Point Software Technologies Ltd. All rights reserved.