- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
So it would appear that the version of the Gaia kernel was updated in R81.20 to 3.10.0-1160.15.2cpx86_64 from the older 3.10.0-957.21.3cpx86_64 which maps from RHEL 7.6 to RHEL 7.9.
Were there specific reasons Check Point decided to update the kernel in this release beyond getting the latest package updates (most of which are stripped out by Check Point anyway as part of Gaia hardening), some stronger Gaia ciphers, and support for the latest hardware (storage controllers, NICs, etc)?
One area of interest in the RHEL release notes: it appears the NIC driver versions for igb/ixgbe/i40/mlx_core have all been updated. While this is generally a good thing (and I know that NIC drivers are sometimes updated in Jumbo HFAs) this has been an area of concern in the past in regards to performance & stability and sometimes even behavioral changes. An example of the latter is sudden RX-DRPs appearing when Gaia 3.10 was first deployed due to unknown EtherTypes detailed in sk166424: Number of RX packet drops on interfaces increases on a Security Gateway R80.30 and higher ...
I looked through the RHEL 7.7-7.9 release notes and didn't see any new interesting capabilities or commands directly relevant to how Gaia is used to run Check Point software, does R&D care to share any tips or tricks present in this kernel update? Tagging @PhoneBoy
TAC R&D where involved and had something to do with vlan tagging issues as a result of the kernel change. This only happened when doing an in-place upgrade and R&D advised to do a clean build which would resolve the issue.
This was a few years back so details are vague now.
I suspect the main reasons for updating the Linux kernel are:
Longer term, I suspect we'll see more frequent updates to the Linux kernel included in Gaia.
It probably won't happen with every release, but it will definitely happen more frequently than during the 10+ year stretch where the Linux 2.6 kernel was used.
Thanks. The updating of the Gaia kernel is a relatively rare event, and I was wondering if there were any reasons not part of the standard ones you listed. Gotta admit I get a little nervous whenever the NIC drivers get touched as there have been some issues introduced in the past such as soft lockups, TCP offloads, improper traffic balancing of multiple queues, Emulex/Broadcom NIC issues, etc.
None that I'm aware of anyway 🙂
I hope that when doing upgrades this does not cause an issue. When I went from R80.30 to R80.40 (I believe that's when kernel 3.10 was introduced) it caused a world of pain and we had to do a clean rebuild.
A world of pain? Any details?
TAC R&D where involved and had something to do with vlan tagging issues as a result of the kernel change. This only happened when doing an in-place upgrade and R&D advised to do a clean build which would resolve the issue.
This was a few years back so details are vague now.
This most recent update is simply a minor build update within the 3.10 kernel, whereas the prior kernel transition was a huge jump from 2.6.18 to 3.10 along with a major filesystem type change. The chances of the kernel build update in R81.20 causing some new issues are quite low but never zero, which is why I created this thread.
I recall customer telling me about this few years ago, but I never had to do clean install due to it. Hope I dont jinx it now lol 🤞
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 66 | |
| 22 | |
| 7 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 3 | |
| 2 | |
| 2 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY