Friday 15th July 2016
Check Point is changing all its SHA-1 Certificates to SHA-256 Certificates in November 2015. All Check Point customers will have to apply a hotfix (already available) by the end of October this year in order for Check Point updates to work.
What's Changing and Why is It Important? To enhance the security of their online update services, Check Point is migrating its SHA-1 based certificates to SHA-256 based certificates in November 2015. This will affect connection to Check Point online services.
Check Point online update services are used by Check Point software for downloading updates, up-to-date protections and to verify license information.
All of the following software blades, products and features use online update services:
To ensure the continued connectivity of Check Point software to Check Point online updates, a hotfix is required. This is already available from Check Point for all major software versions.
We recommend installing this as soon as convenient and at the latest by the end of October to maintain update functionality.
What Do I Need to Do About this? Customers already on Check Point Versions R77.30 and Endpoint Security E80.61/R77.20.01 have this fix included.
For lower versions, contact Bytes Security Partnerships Support as soon as convenient to get a Hotfix for this issue. A Support Engineer will ensure the Hotfix is compatible with your systems before providing it. The hotfix MUST be installed on ALL Check Point products: Security Gateways, Clusters, VSX, Security Management Servers, Multi-Domain Management Servers, Log Servers, etc.
For customers using online services in SmartDashboard (such as IPS blade updates) or SmartUpdate, an improved SmartConsole package is required as well. This improved package is vital to be able to work with Check Point servers and perform signatures updates (IPS blade, Anti-Virus blade, other blades), Licensing, Contracts, etc.
What happens if I do not install the hotfix on ALL machines? Any Check Point machines, on which this hotfix is not installed, will not be able to connect to Check Point servers and perform operations like signatures updates (IPS blade, Anti-Virus blade, other blades), Licensing, Contracts, etc.
Need More Information?
You can access full information including information on available hotfixes, installation instructions and commonly asked questions from the Check Point support team below.
Want to keep informed? Sign up to our Newsletter