Support Center > Search Results > SecureKnowledge Details
Revert IPS to Previous Database Revision
Solution

Table of Contents:

  • Background
  • Revert Tool
  • Supported versions
  • Instructions
  • Notes
  • Documentation
  • Related solutions

 

Background

It is possible to revert the IPS Database to the state it was prior to the last update. Such revert affects only IPS configuration. It does not affect any other Software Blades or configurations, such as Firewall rules, Network Object changes, and so on.

 

Revert Tool

Check Point offers a special tool for Security Management Server / Multi-Domain Management Server R7x. The tool searches for the latest database revision created as part of an IPS update, and extracts the IPS content from that revision.

The revert process takes a few minutes, during which the Security Management Server / Multi-Domain Management Server will not be available, because Check Point services and the Server are restarted. By using the revert tools, we can only revert back to one previous version. 

 

IPS Revert

If you are using the reverting IPS package to a previous DB revision using the Database Revision, you can revert to any version you saved.

 

Supported versions

Check Point Versions This tool supports all versions from R71 GA and above
Operating Systems Currently, this tool supports only Gaia / SecurePlatform / Linux / Windows OS

 

Instructions

  • On SecurePlatform / Gaia / Linux OS

    1. Download the tool from here.

    2. Transfer the Tool file to the Security Management Server / Multi-Domain Security Management Server.

    3. Rename the file from 'Revert_IPS_to_Previous_Database_Revision_Tool_for_Linux_OS.binary_file' to 'IPSUpdateRevert':

      [Expert@HostName]# mv -v Revert_IPS_to_Previous_Database_Revision_Tool_for_Linux_OS.binary_file IPSUpdateRevert

    4. Assign the necessary permissions:

      [Expert@HostName]# chmod u+rwx IPSUpdateRevert

    5. Run the Tool (refer to the 'Documentation' section):

      • On Security Management Server:

        [Expert@HostName]# ./IPSUpdateRevert

      • On Multi-Domain Security Management Server:

        [Expert@HostName]# mdsenv
        [Expert@HostName]# ./IPSUpdateRevert <Domain_Name>

  • On Windows OS

    1. Download the tool from here.

    2. Transfer the Tool file to the Security Management Server (e.g., root of disk C:).

    3. Open Windows Command Prompt (Start - Run... - type cmd - click on 'OK'/press Enter).

    4. Navigate to the Tool.

    5. Run the Tool (refer to the 'Documentation' section):

      C:\> IPSUpdateRevert

 

Notes

  • After reverting IPS to the previous version using IPSUpdateRevert, you must remove the Cyclic Redundancy Check (CRC) file ($FWDIR/conf/SMC_Files/asm/crc_marker_db.fw) on the Security Management or relevant Domain. Refer to sk107580 - Online IPS Update fails with "Internal Error: Failed to update Database object"

  • If the admin password defined in cpconfig / mdsconfig menu had been changed between the time when IPS Database Revision was taken and the current time, when you are going to run the revert tool, then you will have to reset the admin password (because the database revision also reverts the users and their passwords).

 

Documentation

  • For description of this tool and its usage, refer to this document.

 

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment