CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.



Thread: How does "Fetch Policy" work on small appliances centrally managed in r80.10

  1. #1

    How does "Fetch Policy" work on small appliances centrally managed in r80.10

    We have about 100 CP1100 and 1430 gateways being managed in R80.10. Each one is set to "fetch" policy every two hours. I have recently made changes and noticed they are not actually getting the changes. I was wondering if this has changed from 77.30?

    Detail...

    I made a change to a firewall policy to block all traffic from a particular desktop last week as a test. I saved the policy but did not specifically push it to the firewall. The PC traffic was not blocked even after a week, when I finally pushed it to the checkpoint itself. The 1430 never "fetched" the new policy.

    In another instance, I added a workstation to a group object. The group has access to ping the remote checkpoints and their modems. I published the change and installed the main policy (not the policy on the remote locations), and again, the change was not effective.

    Is it a requirement now to install the policy to all the remote locations to get a new policy on them? Is the fetch option no longer working in R80.10? I don't recall having to push policy to every gateway in R77.30 under SmartProvisioning; is that something SP did behind the scenes?

    Any insight is greatly appreciated.

    terri

  2. #2

    Re: How does "Fetch Policy" work on small appliances centrally managed in r80.10

    Edges used a policy fetch system. On the SmartCenter, "pushing" policy to the Edge (or an LSM profile for a group of Edges) instead compiles it, saves it locally on the SmartCenter, then sends the Edge a signal to do an out-of-cycle policy fetch. I don't have experience with GAiA Embedded, but I suspect the boxes work similarly. If I'm right, the files the firewall fetches are updated on policy "push", not when you simply save.
