Security Gateway Indicators

An administrator manages multiple Security Gateways in SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on.. The Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. indicators feature in the Gateways & Servers view helps the administrator verify which Jumbo Hotfix Software package installed on top of the current software version to fix a wrong or undesired behavior, and to add a new behavior. Accumulators are installed and ensure all Security Gateways are up to date with the recommended versions.

In the Gateways & Servers view, the Version column displays the current Jumbo Hotfix Accumulator Collection of hotfixes combined into a single package. Acronyms: JHA, JHF, JHFA. installed on each Security Gateway. When you hover over the Version column, if the currently installed Jumbo Hotfix Accumulator is not recommended, a message appears suggesting the recommended Jumbo Hotfix Accumulator for installation.

The Version column shows an indicator based on the Security Gateway status:

• No color indicator:

  • The Security Gateway is updated. The latest Jumbo Hotfix Accumulator is installed on the Security Gateway.

  • The Jumbo Hotfix Accumulator installed on Security Gateway is not the latest. A message appears suggesting the recommended Jumbo Hotfix Accumulator for installation.

• Yellow color indicator - The Jumbo Hotfix Accumulator take is too old, and requires upgrading to the recommended Jumbo Hotfix Accumulator.

• Red color indicator - The version installed on the Security Gateway is unsupported.

• Gray color indicator - There is no available information about the Security Gateway. A gray indicator appears in these cases:

  • The Security Gateway is of a version of take that do not support the feature.

  • The Security Gateway is not connected to the Check Point Download Center for at least a month.

  • The Check Point Download Center does not allow updates on the Security Gateway.

  • The Security Gateway has no license or contract.

For a list of indicator exceptions, see sk182159.

The Security Gateway indicators also appear in the Summary tab for each Security Gateway at the bottom of the Gateways & Servers view.

You can filter the Gateways & Servers view based on the Gateway indicators. To do so, go to the top toolbar menu, select the filter icon , and then select version warning. From the available options, you can select:

• None - Security Gateways with no color indicator

• Unsupported - Security Gateways with a red color indicator

• Alert - Security Gateways with a yellow color indicator

• N/A - Security Gateways with a gray color indicator

Notes: Indications for Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. Members show for each Cluster Member Security Gateway that is part of a cluster. independently and not for the Security Cluster object. Upgrading a VSX Gateway Physical server that hosts VSX virtual networks, including all Virtual Devices that provide the functionality of physical network devices. It holds at least one Virtual System, which is called VS0. also upgrades all related Virtual Gateways.

Installing the Recommended Take on the Security Gateway

When you hover over the Security Gateway, a message appears indicating the Jumbo Hotfix Accumulator to install on the Security Gateway.

To postpone the installation date Jumbo Hotfix Accumulator on the Security Gateway

1. Click the Options button in the message.

   A window opens with the name of the recommended Jumbo Hotfix Accumulator take number.
   

   
   

2. In this window you can set a reminder for a future installation date. Select the required future rescheduling time from the drop-down menu. If you select the Apply to all gateways and servers checkbox, the reminder is set to all Security Gateways and servers to which the Hotfix applies.

3. Click OK.

The indicator turns off on all relevant Security Gateways and servers.

To install the recommended Jumbo Hotfix Accumulator on the Security Gateway

1. Click the Open Installation Window button.

   The Install Jumbo/Hotfix window opens.

2. In the Hotfix/Jumbo section, select one of these options:

   • Install the Recommended Hotfix/Jumbo

     or

     Install a Specific Hotfix/Jumbo

     1. Enter the version number / Hotfix file name.

     2. Click the search icon next to the text box.

        This process makes sure that the package is available for download from the Check Point servers.

3. In the Gateways section, see the Security Gateway that you selected for this installation.

   Note - To install the package on more than one Security Gateway or Cluster Member, go to the Gateways & Servers view, press and hold the CTRL key to select all the required Security Gateways and Cluster Members. Then, from the top toolbar menu, click Actions and select Install Jumbo/Hotfix.

4. In the Settings section, select the applicable option for the High Availability cluster:

   • Install on all cluster members - Installs the selected package on all members in this cluster (active and standby). This can cluster failover and interrupt the traffic.

   • Install on non-active members only - Installs the selected package only on standby cluster members.

     • Once installation is complete, turn non-active member to active - Changes the cluster state of a standby cluster member to active.

5. In the Download package timing section - Select this check box if you want to download the package during the verification process: Download/Deliver package to Security Gateways as part of verification. If you do not select this check box, the verification process is performed first and then the file is downloaded as a separate action.

6. In the Advanced section, select the source from which the Security Gateway downloads the package:

   • Automatic - If the package is in the Package Repository Collection of software packages that were uploaded to the Management Server. You can easily install these packages in SmartConsole on the managed Security Gateways., the Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. transfers it to the Security Gateway. If the package is not in the Package Repository, the Security Gateway downloads it from the Check Point Cloud.

   • Gateway - The Security Gateway downloads the package from the Check Point Cloud. The Security Gateway must be connected to the Internet.

   • Management - The Security Gateway downloads the package from the Management Server.

7. At the bottom, click Verify.

   The verification process starts. The verification process makes sure that the selected Hotfix can be installed on the targets. The verification process makes sure this package does not override other installed Hotfixes and that enough free disk space is available for the process to complete.

   To see the progress of the verification process open the Tasks view in the bottom left corner of SmartConsole and click Details.

   Example:

   

8. Click Install.

9. Central Deployment makes sure that Access Control Policy is installed.

10. After the installation is complete, you must install the applicable Threat Prevention policy on the target Security Gateways and Clusters.