For Gateway image version R80.40-294.640 deployed in Azure it is mandatory to manually uninstall the following preinstalled hotfixes via CPUSE before installing the Jumbo Hotfix Accumulator. These hotfixes contain support for VMSS Remote Access feature only and can be safely uninstall if VMSS Remote Access is not used. Attempting to install a newer Jumbo Hotfix Accumulator take without uninstalling the hotfixes will result in an installation failure due to confilct.
For Gateway image versions R80.40-294.839 with installed Jumbo HF take 118 and R80.40-294.833 with installed Jumbo HF take 131 it is mandatory to perform CPUSE inplace upgrade to the the R80.40 version with a newer Jumbo HF take. See sk174583 for more details.
For Gateway image versions R81-392.840 and R81.836 with installed Jumbo HF take 23 it is mandatory to perform CPUSE inplace upgrade to the R81 version with a newer Jumbo HF take. See sk109141 for more details.
Azure, AWS, GCP
R81.10 and above
Refer to official Jumbo Hotfix SK for the version
No limitations
Notes:
Installation of any other hotfix is not supported, unless specifically stated for that hotfix.
Notes for installing R77.30 Jumbo Hotfix Accumulators
On Security Gateway running in Amazon Web Services (AWS), it is not supported to install Takes 189 and higher of the R77.30 Jumbo Hotfix Accumulator when the user's shell is configured to /etc/cli.sh (the default shell).
Before installing the Takes 189 and higher, the user's shell must be changed to any shell other than /etc/cli.sh - e.g., /bin/bash, /bin/csh, /bin/tcsh (refer to R77 versions Gaia Administration Guide - chapter "User Management" - section "Users").
After installing the Takes 189 and higher, it is not supported to change the user's shell back to /etc/cli.sh.
The "GIRAFFE" hotfix is pre-installed as part of the image for automation of the vSEC Controller:
Starting with the Check Point image R77.30-028.120 for AWS
Starting with the Check Point image 77.30.8029129 for Azure
Before installing Take 189 (and higher) of R77.30 Jumbo Hotfix Accumulator, this "GIRAFFE" hotfix must be uninstalled (otherwise, a conflict will occur):
Check if this hotfix is installed: [Expert@HostName:0]# cpinfo -y all | grep HOTFIX_GIRAFFE_V2
Uninstall this hotfix either using the CPUSE, or on the CLI: [Expert@HostName:0]# /opt/CPsuite-R77/uninstall_fw1_wrapper_HOTFIX_GIRAFFE_V2
Before installing Take 221 (and higher) of R77.30 Jumbo Hotfix Accumulator, this "VSEC_CENTRAL_LIC_001" hotfix must be uninstalled (otherwise, a conflict will occur):
Check if this hotfix is installed: [Expert@HostName:0]# cpinfo -y all | grep VSEC_CENTRAL_LIC
Uninstall this hotfix either using the CPUSE, or on the CLI: [Expert@HostName:0]# /opt/CPsuite-R77/uninstall_fw1_wrapper_HOTFIX_VSEC_CENTRAL_LIC_001
If you are using the machine as Management Server, then after installing Take 221 (and higher) of R77.30 Jumbo Hotfix Accumulator, you may want to reinstall the vSEC Central License Management Utility (the "VSEC_CENTRAL_LIC_001" hotfix from sk109713).
On Security Gateway running in Amazon Web Services (AWS), importing the R77.30 Jumbo Hotfix Accumulator package using the CPUSE in Gaia Portal might fail.
In such case, import and install the CPUSE Offline package of the R77.30 Jumbo Hotfix Accumulator in Gaia Clish: