Recently I had a chance to get my hands on this excellent Firewall by Checkpoint. And as you know not everything goes perfectly, and this is where you get a chance to learn how it works, while you fix.
I encountered an issue where one of the Threat Prevention Blades was stuck in updating mode for several hours. I had logged into the appliance via SSH to view to CPU utilization and observed nothing which would indicate an issue.
I started thinking about what events occurred which may have caused this. So I looked at the auto update schedule for the blades and noticed that all 3 blades where set to upgrade simultaneously.
I have observed that these updated can causes very high consumption of CPU and which that perhaps the blade with the issue became stuck in an upgrading status.
To address this situation, I issued the update command from the CLI :
- Log into the firewall via SSH
- Enter into expert mode by typing ‘expert’ in the CLI – You will be asked for your expert password. Once in export you will be in a standard Linux bash prompt.
- Run the following while in expert mode depending on which update you require:
- Anti-Virus Blade: [Expert@jermsmit.com]# online_update_cmd -b AV -o update
- IPS Blade: [Expert@jermsmit.com]# online_update_cmd -b IPS -o update
- Application Control Blade: [Expert@jermsmit.com]# online_update_cmd -b APPI -o update
Now return and refresh your webUI and you should notice that the blade(s) that were once stuck in the upgrading status are now showing up to date.