Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Admin
Admin

Ask Me Anything with Dr. Dorit Dor and Team: Video and Q&A

Full video available for CheckMates members.
Excerpt with question asked by @Vladimir below:

Selected Q&A will be added as comments below.

0 Kudos
6 Replies
Highlighted

I have one last question for @Dorit_Dor being one of the "quantum" gateway (26000) early adopters - why would you call a regular Linux binary machine a "quantum" GW? 🙂 apologies if that info was available somewhere, I might have missed it!

 

 

0 Kudos
Highlighted

Quantum is a product name that represents that these new gateways are the future of Network Security - there to deal with Gen VI security challenges.

At the end of the day it is conceptual name. Not representing the "spec" of the device as a Quantum-compute based device. These are still work-in-process ;-).

0 Kudos
Highlighted
Admin
Admin

Selected questions asked during the session.

Are Ongoing JHF Safe? When Are They Moved to GA?

Generally we only recommend using an "ongoing" JHF if you are experiencing one of the issues it is intended to solve. Otherwise, it is best to stick to JHFs that are considered a GA take, which are only declared after a certain level of adoption, quality, and stability. More information in our Jumbo Hotfix FAQ.

Is R80.40 Stable?

The feedback we've seen from customers has been positive. If you have specific issues, work with your local Check Point office and/or the TAC.

When is SandBlast Agent for Linux Coming?

We have an Early Availability ongoing now.

When will the new Chromium-based Microsoft Edge browser be supported by SandBlast Agent?

Soon. See this thread for details.

When is Dome9 Coming for Oracle Cloud?

This is under evaluation with no concrete dates as of yet.

What has Check Point's observation been on hackers during COVID-19? Is it phishing, malware, BEC or something else?

We have quite a few findings around this. Refer to the Check Point Research page for specifics.

When it is expected for the WAAP and serverless security within Dome9 to be GA? Also, what can we expect from the WAAP regarding supported platforms now and what is on the roadmap?

Serverless Security was just released as part of Dome9. WAAP is currently in EA. 

 

0 Kudos
Highlighted
Admin
Admin

Infinity SOC has just launched, are there any plans to enable full SOC capability to integrate non Check Point customers?

With the current InfinitySOC, one can investigate any type of IOC from Check Point and 3rd party products and geT very detailed report powered by ThreatCloud. We are planning to integrate InfinitySOC with Splunk later this year.

With regard to IoT, do you have a method to determine malicious actions as opposed to expected traffic patterns?

With InfinitySOC, you can distinguish between Security Alert to Infected host (Mobile, IoT, Cloud, Device) with 99% accuracy 

With the new Check Point IoT Protect (an online service available soon), one can define a few things:

  1. ZeroTrust policy based on IoT device identify and profile (policy is produced automatically)
  2. Prevent known IoT/ OT vulnerabilities
  3. Generate firmware vulnerability report. 

During the year, we will introduce more capabilities for IoT Protect.

Is Check Point looking into their appliances if they can withstand a sudden burst of traffic due to the COVID-19 situation?

Irrespective of the COVID-19 situation, there are multiple improvements for performance features, allowing more effective use of resources. For example, R80.40 comes with Dynamic Workloads. This feature allow dynamically re-assign SND and FWK roles, depending on the traffic. More details in our Dynamic Workloads in R80.40 TechTalk session.

What initiatives are underway to enhance Remote Access capabilities?

We are working on multiple enhancements for Remote Access

  1. New Mobile Access portal coming in R81, but available for EA now.
  2. The new CloudGuard Connect solution is now supporting Remote Access .. soon to be GA
  3. A Remote Access central solution that can be deployed in Azure. This solution gives a single point of Remote Access Registration that can automatically scale up. This is available for EA now.

We are working on a new dashboard for remote access across all Check Point & 3rd party products (e.g. Citrix, SaaS applications). In addition, we are working to offer a unified solution for Remote Access compliance check across all product to be presented in this dashboard.

Are Simultaneous Policy Installations Coming?

Yes, this is planned for R81.

What about managing VSX Gateways with Smart-1 Cloud?

This is a work in progress. Please contact your local Check Point office for more detailed information.

What is the plan for PBR based on applications categorized (O365, Gsuite, WeTransfer, Youtube) and custom?

This is already available in R80.40 through a hidden feature. We do plan to further enhance this feature.

Mobile features as LTE/SCTP/GTP will be supported on R81?

Yes.

Does SmartWorkflow Exist in R80.x?

Functions of SmartWorkflow have been integrated into R80.x over time. In R81, you will find a compare function.

What does the OS alignment/feature roadmap look like for the Maestro and Security Gateways look like?

This is planned for R81.

What about a web-based SmartConsole?

This is planned, yes.

Will there be continued heavy dependency on HTTPS Inspection in the future or will the future releases work better with Categorize HTTPS Websites?

We have improved Categorize HTTPS Websites functionality by adding SNI verification in R80.30. However, much of the malware will be hidden inside the payload, which means categorizing the website won't be enough.

The upcoming Check Point Browser Nano Agent Security is the perfect solution to secure web browsing. This new product will inspect all the HTTPS traffic within the browser. This includes URL filtering, file download inspection, Threat Prevention, and even prevent users from using corporate credentials with private websites. The power of this solution is that the security is taking place on the browser and not in the cloud or on the GW. Therefore, you don’t have the challenge of latency, privacy, SSL key management, and cloud cost.

Many service requests have a CP TAC reaction time which is too long. What is you plan to improve this situation?

We constantly measure the quality of service, and we are now implementing new technologies to monitor even more aspects of the service in order to improve. If you have issues with a specific SR, please follow the Check Point TAC Support Escalation Path.

I have utilized the CheckMates Labs for R80.40 and I absolutely appreciate the ability to review new features in a lab. Will you expanding the labs to include additional features in the future?

Yes, we are. If you have specific requests, please post them on the community.

VPN Client for Linux?

We have a hotfix that supports StrongSwan already, and are planning to integrate this into R81. There are also two other possible solutions suggested by @Soeren_Rothe:

What about supporting more than 1000 users in Visitor Mode for Remote Access?

This fix is included in the latest R80.40 JHF.

 

 

Highlighted

How is CloudGuard Connect doing in the market currently?

Customer feedback for CloudGuard Connect:

So far the feedback was very positive on the threat techniques that we can apply as we leverage our market leading cybersecurity products, now served as a service.
As well as the ease of use with cloud web management and connecting sites or users within a few minutes.

 

0 Kudos
Highlighted
Employee
Employee

When will you correct the datasheet for SG6700, regarding the firewall performance ?

Datasheet will be updated by end-of July

 

What about 6800 & 6900 appliances? those appliances are going to be end of life ? because those appliance is not showed in "appliance comparison chart"

6500/6800 are in the catalog, though they are part of the 2016 End-Of-Sale announcement.

6900 is part of Quantum, and although it’s not in the HomePage catalog, it can be found via Search and quoted.

0 Kudos