After upgrading to A33.10 or to a hotfix version of the build, follow the steps in this topic before running your ASMS system.
Check upgrade success
To make sure that the upgrade to A33.10 was successful, perform system sanity checks.
Do the following:
-
In the algosec_conf main menu, select 17 System health.
-
Select 1: Check services status to check that basic ASMS processes are running on your machines.
-
Select 2: Check system health and run a Full check.
Run all firewalls
Run a manual analysis to create an unscheduled report on all on individual devices, groups, and matrices defined in AFA. See Run a manual AFA analysis.
SSO integration (if applicable)
If you used custom UID parsers (in pre-existing SSO environments), you may need additional adjustments to your local code. See Configure a customized UID parser.
For Check Point R80 device R80.30 and lower | configure SFTP
For an R80 device version R80.30 and lower, enable SFTP on the device. To enable SFTP, see Check Point SecureKnowledge article sk82281.
Google Cloud ACE permissions check
After upgrading to A33.10, make sure every ACE Cloud Network Security-related permission is up to date so that maps & Traffic Simulation Queries will run flawlessly. See ACE Google Cloud Permissions.
For Azure Subscriptions
Note: In A33.10, to view Azure topology on the ASMS map (for Traffic Simulation Queries and automation), you must onboard your Azure subscription in both ASMS and ACE. You can add Azure subscriptions separately in each tool, or use one‑step onboarding (in Early Availability) to register the subscription in both ACE and ASMS at once—saving setup time and effort. See Simultaneously onboard Azure subscriptions into ACE and ASMS.
Do the following:
| Case | Do this |
|---|---|
| If you already have all your Azure subscription(s) onboarded to both ACE and ASMS | |
| If you have ACE, but don't have all your Azure susbscriptions onboarded to both ACE and ASMS |
|
| If you don't have ACE connected to ASMS |
|
Clear your browser's cache