Configure automatic updates and upgrades
There are several options for handling automatic updates and engine upgrades.
Before you begin
The automatic updates and engine upgrades require the Management Server to be able to connect to the servers at https://update-pool.stonesoft.com and https://smc-pool.stonesoft.com either using HTTPS on port 443 or through an HTTP proxy. You must also have a valid maintenance or support contract.
The Management Server can periodically check for new dynamic update packages, engine upgrades, and licenses. This feature is active by default. In an environment with multiple Management Servers, automatic updates and upgrades must be enabled on the active Management Server (the Management Server that controls all Domains).
For more details about the product and how to configure features, click Help or press F1.
Steps
Global System Properties dialog box — Updates tab
Use this tab to define settings for dynamic updates, engine upgrades, and licenses.
Option | Definition |
---|---|
Enable Sending Proof-of-License Codes to FORCEPOINT Servers | When selected, allows you to select settings for dynamic updates, and engine and license upgrades. |
Dynamic Updates | Specifies the dynamic updates options:
|
Notify When Updates Have Been Activated
(Optional) |
You receive an alert when the dynamic updates have been activated. This option becomes available when you select Automatically Download and Activate Updates. You must refresh the policies before the updates take effect. If Refresh Policies After Update Activation is selected, the policies are refreshed automatically. Otherwise, you must refresh the policies manually. |
Refresh Policies After Update Activation
(Optional) |
The SMC automatically refreshes the policies after activating the dynamic updates. This option becomes available when you select Automatically Download and Activate Updates. |
Remote Upgrades for Engines | Specifies new engine upgrade options:
|
Generate and Install New Licenses Automatically
(Optional) |
When selected, automatically regenerates and installs the licenses required for upgrading SMC components to a major new release. |
Check for Updates | Specifies how often to check for updates. |
Trusted Update Certificate Properties dialog box
Use this dialog box to view the details of the currently active Trusted Updates Certificate.
Option | Definition |
---|---|
Subject Name | The identifier of the certified entity. |
Public Key Algorithm | The public key algorithm that was used to sign the certificate. |
Key Length | The length of the key in bits. |
Serial Number | The sequence number of the certificate. The number is issued by the CA. |
Signature Algorithm | Shows the signature algorithm that was used to sign the certificate. |
Signed By | Shows the CA that signed the certificate. |
Subject Alternative Name | This field is not used. |
Valid From | Shows the start date of certificate validity. |
Valid To | Shows the end date of certificate validity. |
Fingerprint (SHA-1) | Shows the certificate fingerprint using the SHA-1 algorithm. |
Fingerprint (SHA-256) | Shows the certificate fingerprint using the SHA-256 algorithm. |
Fingerprint (SHA-512) | Shows the certificate fingerprint using the SHA-512 algorithm. |
Active | The Management Server and the NGFW Engines uses this certificate to verify the digital signatures of dynamic update packages and engine upgrades. |