Registering a Critical Device

Important - In a ClusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing., you must configure all the Cluster Members in the same way.


You can add a user-defined critical deviceClosed A special software device on each Cluster Member, through which the critical aspects for cluster operation are monitored. When the critical monitored component on a Cluster Member fails to report its state on time, or when its state is reported as problematic, the state of that member is immediately changed to Down. The complete list of the configured critical devices (pnotes) is printed by the 'cphaprob -ia list' command or 'show cluster members pnotes all' command. Synonyms: Pnote, Problem Notification. to the default list of critical devices. Use this command to register <device> as a critical process, and add it to the list of devices that must run for the Cluster MemberClosed Security Gateway that is part of a cluster. to be considered activeClosed State of a Cluster Member that is fully operational: (1) In ClusterXL, this applies to the state of the Security Gateway component (2) In 3rd-party / OPSEC cluster, this applies to the state of the cluster State Synchronization mechanism.. If <device> fails, then the Cluster Member is seen as failed.

If a Critical Device fails to report its state to the Cluster Member in the configured timeout, the Critical Device, and by design the Cluster Member, are seen as failed.

Define the status of the Critical Device that is reported to ClusterXLClosed Cluster of Check Point Security Gateways that work together in a redundant configuration. The ClusterXL both handles the traffic and performs State Synchronization. These Check Point Security Gateways are installed on Gaia OS: (1) ClusterXL supports up to 5 Cluster Members, (2) VRRP Cluster supports up to 2 Cluster Members, (3) VSX VSLS cluster supports up to 13 Cluster Members. Note: In ClusterXL Load Sharing mode, configuring more than 4 Cluster Members significantly decreases the cluster performance due to amount of Delta Sync traffic. upon registration.

This initial status can be one of these:




Gaia ClishClosed The name of the default command line shell in Check Point Gaia operating system. This is a restricted shell (role-based administration controls the number of commands available in the shell).

N / A

Expert mode

cphaconf set_pnote -d <Name of Critical Device> -t <Timeout in Sec> -s {ok | init | problem} [-p] [-g] register


  • The "-t" flags specifies how frequently to expect the periodic reports from this Critical Device.

    If no periodic reports should be expected, then enter the value 0 (zero).

  • The "-p" flag makes these changes permanent (survive reboot).

  • The "-g" flag applies the command to all configured Virtual Systems.


  • Total number of critical devices (pnotes) on Cluster Member is limited to 16.

  • Name of any critical device (pnote) on Cluster Member is limited to 15 characters, and must not include white spaces.