Endpoint Anti-Malware signatures cannot be downloaded from a local Endpoint Security Server
.key file on Endpoint Security Server is not updated.
Endpoint Security Clients can still acquire their Anti-Malware signature updates directly from an external Check Point signature server (cloud service), or other external Anti-Malware signature resources, if your organization's Endpoint Anti-Malware policy allows it.
You may configure External Check Point Signatures server as second priority in Anti-Malware policy under the "Check for signature updates" action.
Contact Check Point Support to keep getting signature updates from the local Endpoint Security Server.
Implementing the fix:
- Open SSH to the Endpoint Security Server and switch to Expert mode.
- Navigate to the $UEPMDIR/engine/conf/updates/bin/220.127.116.11 folder.
- You should see a file with the .key extension (i.e 35700833.key).
Change this file to XXXXXXX.key_old (i.e 35700833.key_old).
- Copy the file provided by Check Point Support to the same folder and run the command:
chmod 775 57263987.key
- Navigate to the $UEPMDIR/engine/conf/updates/bin/kav8 folder (if it exists).
- Repeat steps 3-4.
- Repeat the operation on any Secondary server, as well as Policy servers.
- Open SmartEndpoint Console and navigate to 'Tools > Anti-Malware Updates'.
Click 'Check for updates now'.
- Wait until the server downloads the latest Anti-Malware signatures. It takes an additional few minutes after you get the "Update finish" message, until the Endpoint Security clients receive the updates.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.