Table of Contents:
-
Background
-
Revert Tool
-
Supported versions
-
Instructions
-
Notes
-
Documentation
-
Related solutions
Background
It is possible to revert the IPS Database to the state it was prior to the last update. Such revert affects only IPS configuration. It does not affect any other Software Blades or configurations, such as Firewall rules, Network Object changes, and so on.
Check Point offers a special tool for Security Management Server / Multi-Domain Management Server R7x. The tool searches for the latest database revision created as part of an IPS update, and extracts the IPS content from that revision.
The revert process takes a few minutes, during which the Security Management Server / Multi-Domain Management Server will not be available, because Check Point services and the Server are restarted. By using the revert tools, we can only revert back to one previous version.
IPS Revert
If you are using the reverting IPS package to a previous DB revision using the Database Revision, you can revert to any version you saved.
Supported versions
Check Point Versions |
This tool supports all versions from R71 GA and above |
Operating Systems |
Currently, this tool supports only Gaia / SecurePlatform / Linux / Windows OS |
Instructions
Notes
- After reverting IPS to the previous version using IPSUpdateRevert, you must remove the Cyclic Redundancy Check (CRC) file ($FWDIR/conf/SMC_Files/asm/crc_marker_db.fw) on the Security Management or relevant Domain. Refer to sk107580 - Online IPS Update fails with "Internal Error: Failed to update Database object"
- If the admin password defined in cpconfig / mdsconfig menu had been changed between the time when IPS Database Revision was taken and the current time, when you are going to run the revert tool, then you will have to reset the admin password (because the database revision also reverts the users and their passwords).
Documentation
- For description of this tool and its usage, refer to this document.