fwm sic_reset

Description

Resets SIC on the Management Server.

SIC (Secure Internal Communication) is the Check Point proprietary mechanism with which Check Point computers that run Check Point software authenticate each other over SSL, for secure communication. This authentication is based on the certificates issued by the ICA on a Check Point Management Server.

The Management Server is a Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server.

For the detailed procedure, see sk65764: How to reset SIC.

Warnings:

  • Before you run this command, take a Gaia Snapshot and a full backup of the Management Server.

    This command resets SIC between the Management Server and all its managed objects.

  • This operation breaks trust in all Internal CA certificates and SIC trust across the managed environment.

    Therefore, we do not recommend it at all, except for real disaster recovery.

Note

On a Multi-Domain Server (a dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers; synonym: Multi-Domain Security Management Server; acronym: MDS), you must run this command in the context of the applicable Domain Management Server:

mdsenv <IP Address or Name of Domain Management Server>

Syntax

fwm [-d] sic_reset

Parameters

Parameter    Description

-d           Runs the command in debug mode.

             Use only if you troubleshoot the command itself.

             Best Practice - If you use this parameter, then redirect the output to a file, or use the script command to save the entire CLI session.

For complete debug instructions, see the description of the fwm process in sk97638.
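The warnings, the Multi-Domain Server note and the debug best practice above can be combined into one guarded wrapper. This is an added example, not Check Point code: the names sic_reset_debug, BACKUP_CONFIRMED, DRY_RUN and LOG_DIR are hypothetical, and it assumes an Expert-mode shell where fwm (and, on a Multi-Domain Server, mdsenv) are already available.

```shell
# Added example (not from Check Point). Hypothetical names throughout:
# sic_reset_debug, BACKUP_CONFIRMED, DRY_RUN, LOG_DIR.
# Assumes fwm and mdsenv are callable from the shell that sources this file.

sic_reset_debug() {
    dms="${1:-}"                          # optional: Domain Management Server (MDS only)
    log_dir="${LOG_DIR:-$HOME}"
    log="$log_dir/fwm_sic_reset_debug.$(date +%Y%m%d_%H%M%S).log"

    # The page's first warning: snapshot and full backup come before the reset.
    # The operator must state explicitly that both exist.
    if [ "${BACKUP_CONFIRMED:-no}" != "yes" ]; then
        echo "refusing: take a Gaia Snapshot and a full backup, then set BACKUP_CONFIRMED=yes" >&2
        return 2
    fi

    # Dry run: print the commands that would run, change nothing.
    if [ "${DRY_RUN:-no}" = "yes" ]; then
        if [ -n "$dms" ]; then
            echo "mdsenv $dms"
        fi
        echo "fwm -d sic_reset >> $log 2>&1"
        return 0
    fi

    # On a Multi-Domain Server, switch to the applicable Domain Management Server.
    if [ -n "$dms" ]; then
        mdsenv "$dms" || return 3
    fi

    # Create the log readable by its owner only (a choice made for this example),
    # then redirect the debug output into it as the Best Practice describes.
    ( umask 077; : > "$log" ) || return 4
    fwm -d sic_reset >> "$log" 2>&1
    rc=$?
    echo "fwm exit status: $rc, debug output: $log" >&2
    return "$rc"
}
```

Run it once with DRY_RUN=yes to review the exact commands before the real invocation. If you need to see the command's output on screen while it runs, use the script command instead of redirection, as the Best Practice allows.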