- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
The full CheckMates Fest 2021 video is available to CheckMates members.
Opening video is below.
Selected questions asked during the session are highlighted below.
Yes, both for Endpoint Management and Network Security Management.
We’ve offered unified policy for MAB since R80.10. Legacy mode (and some settings) still requires SmartConsole in R81.
Its a formal part of our Shift Left approach and CloudGuard as enterprise management (where the UI elements are being added these days). In addition, it can be used as one-off from command line for developer consumption.
This has been available for several versions already. A lot of improvements came out in the last few versions including TLS 1.3 support and Secure SNI handling (patented technology). Being on the latest release will ensure you can leverage all this functionality.
yes
We are formally supporting the StrongSWAN client for Remote Access VPN with R81 gateways.
We support StrongSWAN for VPN for R81 gateways.
We participate in third party testing in general, yes, but not every third party test by every third party.
Planned for the near future.
We are working on this as part of our upcoming XDR offering, which is coming soon.
Technically you can do it today through the log exporter integration. You can export the forensics logs and then consume them in Service Now. We plan to do more native integration as part of the XDR offering.
As it stands right now, we have a few security options for SDP/SASE. One of which, is Odo, which is being integrated as part of the CloudGuard Connect offering. See also CloudGuard Edge.
This is supported with HTTPS Inspection enabled.
All CheckMates-related webinars are posted here on CheckMates. For other webinars, most of them will appear here: https://www.checkpoint.com/webinars/
Think of SDR as an extension of EDR, covering not only endpoint but also FW, mail, mobile, cloud and more. On top of that, Threat Hunting, Incident analysis, Check Point intelligence and more.
What is the evergreen client?
Aclient which is always up to date, like your Chrome browser. It always updates itself to the last version automatically. We already doing it on Linux agent and browser agent. We are going to extend it to Windows and Mac.
All Check Point protections leverage ThreatCloud, which is a mixture of the aforementioned. More details in the Threat Prevention Admin Guide .
The new IoT protect is built as a cloud solution and it will be available first for GAiA, but later also for SMB / Embedded GAiA.
All should be Gaia, but you can mix different appliances
The deployment agent for SNX is still Java currently. SNX itself is a native component.
Very soon. this is what was mentioned as "application security" in the cloudguard roadmap
Yes, it is managed through the endpoint web management available on premise from R81. This will ultimately replace SmartEndpoint with a more convenient & modern management.
You can upgrade from R80.20 and up to R81. The upgrade process received many improvements to make sure it's much better than the experience from R77.x. These include a detailed upgrade report and improved robustness. If you are on R80.10 or earlier, you'll need to do an upgrade first to R80.20 or up (preferably to R80.40).
In many ways, yes. Obviously, not in the physical aspects, but with the anti-phishing and other various network and endpoint protections we offer, including VPN, can help protect you from COVID-related attacks. (Such as false emails, etc.). Our CloudGuard Connect is a cloud service that is built to answer this need. Customers can connect their branch offices and remote users (either clientless or using the soon to be released CGC client application) and get secure access and threat prevention to both the Internet and to their internal corporate assets.
It is “migrate server” command now. If you are talking about migrating between two versions, you do have to use the target migration tool to export file, and then import it to a clearly installed server. From R80.20, you no longer need to manually download the target migration tool. The new mechanism is auto-updatable so as long as you're online, just run the command and specify the target version as the parameter.
Yes. You can configure the Log Exporter functionality with Smart-1 Cloud and specify your SIEM as a target. A couple of tips:
Management High Availability isn't dependent on the hardware. Just make sure that both machines are powerful enough for your environment and have the required licenses to manage your gateways.
Referencing to SDWAN more generally... we continue to value best of breed and partner but also we are adding internal SDWAN capabilities (we started with policy based routing but we will get more serious). Additional functionality will be added in later releases.
Will slides be provided. I would like to forward to management and they normally do not have time available to watch a webinar.
For roadmap sessions, we usually do not distribute slides.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY