Support Center > Search Results > SecureKnowledge Details
How to install a Hotfix Technical Level

Use one of these methods to install a Hotfix:

Central Deployment from SmartConsole - Recommended

Starting from R80.40, Central Deployment allows you to perform a batch deployment of Jumbo Hotfix Accumulators and Hotfixes from SmartConsole.

  • You can select up to 30 Security Gateways and ClusterXL Cluster Members.
  • You can deploy a package to 10 targets at the same time.

For instructions, see the Quantum Security Management Administration Guide for your version - Chapter Managing Gateways > Section Central Deployment of Hotfixes and Version Upgrades.


Show / Hide this Section

Check Point Update Service Engine (CPUSE), also known as Gaia Software Updates [Agent], is an advanced and intuitive mechanism for software deployment on the Gaia OS. CPUSE supports deployments of Hotfixes (HFs), Hotfix Accumulators (HFAs), and Major Versions.

Use CPUSE to install a CPUSE package on a:

  • Security Gateway
  • Security Management Server
  • Multi-Domain Security Management Server
  • Cluster - Install on all members of the cluster. In a Management HA environment, install on all Management Servers.

Make sure you have the latest build of the CPUSE Agent.

Refer to sk92449: CPUSE - Gaia Software Updates (including Gaia Software Updates Agent):

  • Sections "(4-A-c)" and "(4-A-d)" - refer to import instructions for Offline procedures
  • Section "(4-B-a)" - refer to installation instructions for Hotfixes

On Security Gateway or Cluster, you may need to reboot after you install the Hotfix.

Central Deployment Tool (CDT)

Show / Hide this Section

Central Deployment Tool (CDT) is a utility that runs on Security Management Servers and Multi-Domain Security Management Servers running Gaia OS. This utility lets you manage a deployment of software packages from your Management Server to the multiple managed Security Gateways and Cluster Members at the same time:

Use the Central Deployment Tool on the Management Server to deploy packages to the managed Security Gateways and clusters.

Refer to the "Workflow for installing a Hotfix on a Security Gateway or Cluster" section in sk111158 - Central Deployment Tool (CDT).

Installing Hotfixes on R77.30 and lower versions

Show / Hide this Section

Using Legacy CLI

You must be connected over a console, or using a LOM card. Do not connect over an SSH session because it can get disconnected. On VSX R77.30, the Gaia CPUSE does not support installation of Hotfixes (refer to sk92449 - section "(2)" - "VSX Gateways").

To install with legacy CLI:

  1. Download the Hotfix package to your machine to a specific directory, e.g., /some_path_to_fix/ .

  2. Unpack and install the Hotfix package:

    [Expert@HostName]# cd /some_path_to_fix/
    [Expert@HostName]# tar -zxvf fw1_wrapper_<HOTFIX_NAME>.tgz
    [Expert@HostName]# ./fw1_wrapper_<HOTFIX_NAME>

    Note: The script stops all Check Point services (cpstop) - read the output on the screen.
  3. Reboot the machine.



Give us Feedback
Please rate this document