Technical data
38 Known limitations and considerations in this release
217316-A Rev 00
Figure 1 Checking for read-only partitions
You should not see any partitions. If some partitions are read-only, please
disable and enable the SmartUpdate Mode again.
• When you disable the SmartUpdate Mode, all the disk partitions must become
read-only. In some instances, this may not happen.
Please verify that all disk partitions are read-only by executing the command
from Figure 2 at the root prompt.
Figure 2 Checking for read-only partitions
You should see three partitions (/ , /isd and /usr/local). If some partitions are
read-write, please enable and disable the SmartUpdate Mode again.
• The SmartUpdate “Get Check Point gateway data” retrieves the SmartView
Monitor, Policy Server, FloodGate-1, and UserAuthority packages. This may
automatically update the object settings. Change these settings as needed.
• During the SmartView policy install, the SmartView Tracker log records the
following messages:
The <ethx> interface is not protected by the anti-spoofing
feature. Your network may be at risk.
uaa_info: opsec_session_id=NO_SESSION
Both of these warning messages can be safely ignored, if the network
topology is defined as explained in Firewall User’s Guide and Command
Reference (217315-A).
• Memory utilization is reported incorrectly using the CLI command
/info/summary. Use /info/cluster instead to show the correct value.
Also run the top command at root prompt.
• After updating SmartDefense, you can no longer use push policy. The
workaround is to make the partition read-write on the appliance before using
SmartUpdate or SmartDefense update. Use the following process to do this:
— Enter the command:
make-part-rw /usr/local on.
— (Complete the SmartUpdate or SmartDefense update.)
— Enter the command:
make-part-rw /usr/local off.
mount |grep "(ro)"
mount |grep "(ro)"