In This Section: |
Check Point wants the customer to be protected. When a protection update is available, Check Point wants the configuration to be automatically enforced on the gateway. You can configure automatic gateway updates for the Anti-Virus, Anti-Bot, Threat Emulation and IPS blades.
For the Anti-Virus, Anti-Bot and Threat Emulation, the gateways download the updates directly from the Check Point cloud.
For the IPS blade, prior to R80.20, the updates were downloaded to the Security Management Server, and only after you installed policy, the gateways could enforce the updates. Starting from R80.20, the gateways can directly download the updates. For R80.20 gateways and higher with no internet connectivity, you must still install policy to enforce the updates.
When you configure automatic IPS updates on the gateway, the action for the newly downloaded protections is by default according to the profile settings.
IPS, Anti-Virus and Anti-Bot updates are performed every two hours by default. Threat Emulation engine updates are performed daily at 05:00 by default, and Threat Emulation image updates are performed daily at 04:00 by default.
You can see the list of Anti-Bot and Anti-Virus protections in Threat Tools > Protections, and the list of IPS protections in Threat Tools > IPS Protections. The update date appears next to each protection.
To configure Threat Prevention scheduled updates:
The Scheduled Updates window opens.
Note - In pre-R80 gateways, IPS was part of the Access Control policy. Therefore, when you select this option, a message shows which indicates that for pre-R80 gateways, the Access Control policy is installed and for R80 and above gateways, the Threat Prevention policy is installed.
OR:
In Threat Tools > Update, a message shows which indicates the number of gateways which are up-to-date.
To check if the protections are update on a specific gateway:
The Device & License Information window opens.
You can turn off automatic IPS updates on a specific gateway.
To turn off automatic IPS updates on a specific gateway:
The gateway properties window opens.
These scenarios explain how an upgrade of the Security Gateways or the Security Management Server or both, affects the Scheduled Updates configuration.
Scenario 1: Upgrading the Security Management Server to R80.20, and not upgrading the gateways to R80.20
If you do not upgrade the gateways, then after the upgrade, the gateways are still not able to receive the updates independently, only through the Security Management Server. In this case, the configuration stays the same compared to before the upgrade: Scheduled Updates will be enabled or disabled on the Security Management Server, depending on the configuration before the upgrade.
Scenario 2: Upgrading the gateways to R80.20 (with or without Security Management Server upgrade)