Support Center > Search Results > SecureKnowledge Details
User and Device Management R77.30.01 (Hotfix #8) Technical Level
Solution

UDM Product Description

User and Device Management (UDM) is a web based application that manages a range of user and device related tasks in an organization. A typical user accesses organizational resources from multiple devices: computers, laptops, smartphones, and tablets.

UDM provides a unified environment for managing various user and device related tasks, such as provisioning, transparency of access via SmartLog logs, viewing user and device details, certificate management, AD user management, and FDE password recovery (for Endpoint Security clients).

With UDM, security administrators can delegate user and device management tasks to Help Desk administrators. This delegation of responsibilities lets the network security team handle security policy issues and the Help Desk team manage some user access tasks.

What's New

  • Supports working with Security Management R80.40
  • Improved reporting of events and alerts to Log Server

UDM Configuration

Once the R77.30.01 UDM HF8 is installed on a separate machine (optionally on a VMware VM), it can  connect to different Security Management Servers or Multi-Domain Security Management Servers, including R80.x Servers.

If the Network Security Management Server, to which the UDM Server connects is either R77.20 or R77.30, then you must install either sk101217 - R77.20 Add-On or sk105412 - R77.30 Add-On, respectively. 

Licensing 

UDM HF8 Server doesn't require a Security Management license if connecting to different Security Management Servers or Multi-Domain Security Management Servers.

For further assistance, contact Check Point Account Services:

  • by using Live Chat
  • by completing an Online Form
  • by phone: Americas: +1-972-444-6600 option 5, or International: +972-3-611-5100 option 5

Installation options

Downloads

Package

Link

R77.30.01 UDM Hotfix #1 for Gaia OS  (TGZ)

 

Package Link
 R77.30.01 UDM Hotfix #8 for Gaia OS (TGZ)

To install UDM R77.30.01 HF8 on a Gaia Security Management Server:

  1. Back up your current UDM Server.
  2. Update to latest CPUSE deployment agent (sk92449 - Check Point Upgrade Service Engine (CPUSE) - Gaia Deployment Agent).
  3. Download the HF7 installation file: <>
  4. Connect to your UDM server Gaia Portal. (Default address is: https://<ip_address>:4434/)
  5. Navigate to Upgrades (CPUSE) pane. Click on "Status and Actions".
  6. On the toolbar, click on the "More" button - select "Import Package" - browse for the CPUSE Offline package (TGZ file) - click on "Upload".
  7. Select the hotfix package <> - click on "Install Update" button on the toolbar.
    Note: Machine will automatically reboot after installation process is completed.

Note: If you want to activate SandBlast Mobile support in self-service portal:

  1. Connect to the UDM server via SSH.
  2. Open /opt/CPudm-R77/conf/udmenv.properties for editing.
  3. In the below line replace the variables (marked in CAPITAL letters) with your own values. mtp.dashboards=[{"site":[DISPLAY_NAME],"url":[DASHBOARD_URL],"username":[DAHSBOARD_USERNA ME],"apiKey":[API_KEY]}]
  4. Optional: You can set the maximum devices for user by setting mtp.max.devices = [MAX_NUM_DEVICES] (default is 3)
  5. Restart the UDM service:

    # udmstop; udmstart

Known Limitations

Important notes:

  • To get a fix for an issue listed below contact Check Point Support with the issue ID.
  • To see if an issue has been fixed in other releases, search for the issue ID in Support Center.
ID Symptoms
Installation
 01892463  The UDM portal cannot be enabled on a standalone installation.
SMTP
 01912002  The UDM portal does not support SMTP with TLS authentication
Mobile Threat Prevention Integration
 01933444  In the Mobile Threat Prevention tab of the portal, the user does not see the message when a session expires.
 02349950  No support for non-English characters for devices created via MTP manual enrolment in UDM.
 Active Directory
 01908742  The UDM portal does not support LDAP groups that contain AD special characters.
 Management Compatibility
   The UDM does not support RSA authentication.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment