Zero Phishing in R82.10 - What's New?

CP_TME — Wed, 10 Dec 2025 08:43:00 GMT

Quantum Zero Phishing in R82.10 – Now Protecting HTTPS Traffic Without HTTPS Inspection

Hey CheckMates,

One of the most meaningful enhancements in R82.10 is a major architectural improvement to Quantum Zero Phishing—and it directly addresses one of the most common deployment challenges we’ve all faced: HTTPS Inspection.

In R82, HTTPS Inspection was required to detect phishing over encrypted traffic. In R82.10, that’s no longer mandatory.

Zero Phishing can now detect and block phishing attempts on HTTPS websites without enabling HTTPS Inspection, by using:

SNI (Server Name Indication)

Real-time domain intelligence from ThreatCloud AI

This is a significant step forward for performance, privacy-sensitive environments, and simplified deployments.

Quick Refresher: What Is SNI?

SNI (Server Name Indication) is part of the TLS handshake and allows the client to declare the target hostname before encryption is fully established.

From a security perspective, this means:

Multiple domains can share a single IP

The gateway can still see the destination hostname even when traffic is encrypted

That single capability unlocks phishing prevention without decryption.

How Zero Phishing Uses SNI in R82.10

1️⃣ SNI Inspection at Connection Time

When a user connects to an HTTPS site:

The gateway inspects the SNI field

The destination hostname is extracted before encryption completes

2️⃣ ThreatCloud AI Domain Analysis

The hostname is sent to ThreatCloud AI and evaluated against:

Known phishing domains

Newly discovered malicious infrastructure

Suspicious hosting and redirect networks

3️⃣ Automated Enforcement

If the domain is malicious:
✅ The session is blocked immediately
✅ No HTTPS Inspection is required

If SNI alone isn’t sufficient:

The gateway can optionally fall back to full SSL/TLS Inspection (if enabled)

4️⃣ Full Visibility & Logging

Users receive a block page or warning

Full event details are logged in:

Infinity Portal

SmartConsole logs

Why This Matters in the Real World

✅ No Mandatory HTTPS Inspection
Great for regulated, privacy-sensitive, and performance-critical environments.

✅ Better Performance at Scale
Lower CPU overhead, faster TLS handling.

✅ High Detection Accuracy
SNI allows precise identification—even when multiple domains share the same IP.

✅ Native Protection for Encrypted Traffic
Zero Phishing now works by default on HTTPS sites.

Bottom Line

With R82.10, Zero Phishing is no longer dependent on HTTPS Inspection for encrypted traffic protection. By combining SNI-based visibility with ThreatCloud AI, Check Point delivers:

High-confidence phishing detection

Reduced operational complexity

Improved performance

Strong protection for modern encrypted environments

If you’re already running R82.10, this is one enhancement you should absolutely take advantage of.

Re: Zero Phishing in R82.10 - What's New?

the_rock — Tue, 09 Dec 2025 13:53:53 GMT

Great update!

Re: Zero Phishing in R82.10 - What's New?

genisis__ — Tue, 09 Dec 2025 18:05:43 GMT

Really good step!

Re: Zero Phishing in R82.10 - What's New?

cyberserge — Mon, 23 Feb 2026 06:30:16 GMT

It's a great step as the protection doesn't stop just because there's no HTTPS Inspection

Re: Zero Phishing in R82.10 - What's New?

Tom_Hinoue — Tue, 24 Feb 2026 06:17:16 GMT

Sounds Great!

Just wondering...

Users receive a block page or warning

Doesn't this require Full SSLINS if we want to redirect clients to User Check?

Re: Zero Phishing in R82.10 - What's New?

PhoneBoy — Tue, 24 Feb 2026 22:47:11 GMT

Yes, this generally does.

Re: Zero Phishing in R82.10 - What's New?

D_TK — Wed, 25 Feb 2026 00:13:16 GMT

Any best guess as to when 82.10 will be "recommended"? Trying to figure out if this is going to be a summer project.

Re: Zero Phishing in R82.10 - What's New?

Tom_Hinoue — Wed, 25 Feb 2026 00:36:00 GMT

Thanks for the clarification 🙂
It just sounded like we could now show block pages to users without SSLINS from the context 😁

topic Zero Phishing in R82.10 - What's New? in General Topics

Zero Phishing in R82.10 - What's New?

Re: Zero Phishing in R82.10 - What's New?

Re: Zero Phishing in R82.10 - What's New?

Re: Zero Phishing in R82.10 - What's New?

Re: Zero Phishing in R82.10 - What's New?

Re: Zero Phishing in R82.10 - What's New?

Re: Zero Phishing in R82.10 - What's New?

Re: Zero Phishing in R82.10 - What's New?